Vulnerability-Lookup - Search a vulnerability

cve-2015-3628

Vulnerability from cvelistv5

Published

2015-12-07 20:00

Modified

2024-08-06 05:47

Severity ?

Summary

The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the "Resource Administrator" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi.

References

▼	URL	Tags
	https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1034307	vdb-entry, x_refsource_SECTRACK
	https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html	x_refsource_MISC
	http://www.securitytracker.com/id/1034306	vdb-entry, x_refsource_SECTRACK
	http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd	x_refsource_MISC
	https://www.exploit-db.com/exploits/38764/	exploit, x_refsource_EXPLOIT-DB
	http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:57.891Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
          },
          {
            "name": "1034307",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034307"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
          },
          {
            "name": "1034306",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034306"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
          },
          {
            "name": "38764",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/38764/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the \"Resource Administrator\" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-12T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
        },
        {
          "name": "1034307",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034307"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
        },
        {
          "name": "1034306",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034306"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
        },
        {
          "name": "38764",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/38764/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3628",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the \"Resource Administrator\" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
            },
            {
              "name": "1034307",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034307"
            },
            {
              "name": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html",
              "refsource": "MISC",
              "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
            },
            {
              "name": "1034306",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034306"
            },
            {
              "name": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd",
              "refsource": "MISC",
              "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
            },
            {
              "name": "38764",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/38764/"
            },
            {
              "name": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3628",
    "datePublished": "2015-12-07T20:00:00",
    "dateReserved": "2015-04-30T00:00:00",
    "dateUpdated": "2024-08-06T05:47:57.891Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-8730

Vulnerability from cvelistv5

Published

2014-12-10 00:00

Modified

2024-08-06 13:26

Severity ?

Summary

The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself.

References

▼	URL	Tags
	http://secunia.com/advisories/62167	third-party-advisory, x_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2014/12/09/27	mailing-list, x_refsource_MLIST
	http://marc.info/?l=bugtraq&m=144372772101168&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21693495	x_refsource_CONFIRM
	https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151	x_refsource_CONFIRM
	http://secunia.com/advisories/62224	third-party-advisory, x_refsource_SECUNIA
	https://support.lenovo.com/us/en/product_security/poodle	x_refsource_CONFIRM
	https://www.imperialviolet.org/2014/12/08/poodleagain.html	x_refsource_MISC
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21693271	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21693337	x_refsource_CONFIRM
	http://secunia.com/advisories/62388	third-party-advisory, x_refsource_SECUNIA
	https://support.lenovo.com/product_security/poodle	x_refsource_CONFIRM
	https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:26:02.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "62167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62167"
          },
          {
            "name": "[oss-security] 20141209 Re: CVE question: Return of POODLE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
          },
          {
            "name": "HPSBPV03516",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
          },
          {
            "name": "62224",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62224"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/poodle"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
          },
          {
            "name": "62388",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62388"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/product_security/poodle"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).  NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-30T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "62167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62167"
        },
        {
          "name": "[oss-security] 20141209 Re: CVE question: Return of POODLE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
        },
        {
          "name": "HPSBPV03516",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
        },
        {
          "name": "62224",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62224"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/poodle"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
        },
        {
          "name": "62388",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62388"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/product_security/poodle"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8730",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).  NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "62167",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62167"
            },
            {
              "name": "[oss-security] 20141209 Re: CVE question: Return of POODLE",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
            },
            {
              "name": "HPSBPV03516",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
            },
            {
              "name": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151",
              "refsource": "CONFIRM",
              "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
            },
            {
              "name": "62224",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62224"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/poodle",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/poodle"
            },
            {
              "name": "https://www.imperialviolet.org/2014/12/08/poodleagain.html",
              "refsource": "MISC",
              "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
            },
            {
              "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635",
              "refsource": "CONFIRM",
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
            },
            {
              "name": "62388",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62388"
            },
            {
              "name": "https://support.lenovo.com/product_security/poodle",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/product_security/poodle"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8730",
    "datePublished": "2014-12-10T00:00:00",
    "dateReserved": "2014-11-10T00:00:00",
    "dateUpdated": "2024-08-06T13:26:02.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-3587

Vulnerability from cvelistv5

Published

2020-02-21 17:11

Modified

2024-08-06 16:14

Severity ?

Summary

The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929.

References

▼	URL	Tags
	http://breachattack.com/	x_refsource_MISC
	http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407	x_refsource_MISC
	http://slashdot.org/story/13/08/05/233216	x_refsource_MISC
	http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf	x_refsource_MISC
	https://www.blackhat.com/us-13/briefings.html#Prado	x_refsource_MISC
	http://github.com/meldium/breach-mitigation-rails	x_refsource_MISC
	https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/	x_refsource_MISC
	http://www.kb.cert.org/vuls/id/987798	x_refsource_MISC
	https://hackerone.com/reports/254895	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=995168	x_refsource_MISC
	https://support.f5.com/csp/article/K14634	x_refsource_MISC
	https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

Vendor

Product

Version

▼

n/a

HTTPS protocol

Version: all

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:14:56.365Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://breachattack.com/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://slashdot.org/story/13/08/05/233216"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://github.com/meldium/breach-mitigation-rails"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/987798"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/254895"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K14634"
          },
          {
            "name": "[httpd-dev] 20210409 GSOC project Idea- fix for CVE-2013-3587",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "HTTPS protocol",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "all"
            }
          ]
        }
      ],
      "datePublic": "2012-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a \"BREACH\" attack, a different issue than CVE-2012-4929."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-10T00:06:26",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://breachattack.com/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://slashdot.org/story/13/08/05/233216"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://github.com/meldium/breach-mitigation-rails"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.kb.cert.org/vuls/id/987798"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/254895"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K14634"
        },
        {
          "name": "[httpd-dev] 20210409 GSOC project Idea- fix for CVE-2013-3587",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-3587",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "HTTPS protocol",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "all"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a \"BREACH\" attack, a different issue than CVE-2012-4929."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://breachattack.com/",
              "refsource": "MISC",
              "url": "http://breachattack.com/"
            },
            {
              "name": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407",
              "refsource": "MISC",
              "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
            },
            {
              "name": "http://slashdot.org/story/13/08/05/233216",
              "refsource": "MISC",
              "url": "http://slashdot.org/story/13/08/05/233216"
            },
            {
              "name": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf",
              "refsource": "MISC",
              "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
            },
            {
              "name": "https://www.blackhat.com/us-13/briefings.html#Prado",
              "refsource": "MISC",
              "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
            },
            {
              "name": "http://github.com/meldium/breach-mitigation-rails",
              "refsource": "MISC",
              "url": "http://github.com/meldium/breach-mitigation-rails"
            },
            {
              "name": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/",
              "refsource": "MISC",
              "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
            },
            {
              "name": "http://www.kb.cert.org/vuls/id/987798",
              "refsource": "MISC",
              "url": "http://www.kb.cert.org/vuls/id/987798"
            },
            {
              "name": "https://hackerone.com/reports/254895",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/254895"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=995168",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
            },
            {
              "name": "https://support.f5.com/csp/article/K14634",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K14634"
            },
            {
              "name": "[httpd-dev] 20210409 GSOC project Idea- fix for CVE-2013-3587",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1@%3Cdev.httpd.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-3587",
    "datePublished": "2020-02-21T17:11:47",
    "dateReserved": "2013-05-21T00:00:00",
    "dateUpdated": "2024-08-06T16:14:56.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0150

Vulnerability from cvelistv5

Published

2013-08-09 18:00

Modified

2024-09-16 18:29

Severity ?

Summary

Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.

References

▼	URL	Tags
	https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/	x_refsource_MISC
	http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html	x_refsource_CONFIRM
	http://secunia.com/advisories/53477	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:18:09.463Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
          },
          {
            "name": "53477",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/53477"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products \"when APM is provisioned,\" allows remote attackers to upload and execute arbitrary files via a ..  (dot dot) in the filename parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-08-09T18:00:00Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
        },
        {
          "name": "53477",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/53477"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-0150",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products \"when APM is provisioned,\" allows remote attackers to upload and execute arbitrary files via a ..  (dot dot) in the filename parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/",
              "refsource": "MISC",
              "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
            },
            {
              "name": "53477",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/53477"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-0150",
    "datePublished": "2013-08-09T18:00:00Z",
    "dateReserved": "2012-12-06T00:00:00Z",
    "dateUpdated": "2024-09-16T18:29:34.115Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-7393

Vulnerability from cvelistv5

Published

2016-01-12 20:00

Modified

2024-08-06 07:51

Severity ?

Summary

dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.

References

▼	URL	Tags
	https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html	x_refsource_CONFIRM
	http://securitytracker.com/id/1034632	vdb-entry, x_refsource_SECTRACK
	http://www.securitytracker.com/id/1034633	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:27.284Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
          },
          {
            "name": "1034632",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id/1034632"
          },
          {
            "name": "1034633",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034633"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-12T19:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
        },
        {
          "name": "1034632",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id/1034632"
        },
        {
          "name": "1034633",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034633"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7393",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
            },
            {
              "name": "1034632",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id/1034632"
            },
            {
              "name": "1034633",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034633"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-7393",
    "datePublished": "2016-01-12T20:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:27.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8099

Vulnerability from cvelistv5

Published

2016-05-13 16:00

Modified

2024-08-06 08:13

Severity ?

Summary

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1035873	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1035874	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:13:31.089Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1035873",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035873"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
          },
          {
            "name": "1035874",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035874"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-05-13T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1035873",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035873"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
        },
        {
          "name": "1035874",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035874"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8099",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1035873",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035873"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
            },
            {
              "name": "1035874",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035874"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8099",
    "datePublished": "2016-05-13T16:00:00",
    "dateReserved": "2015-11-09T00:00:00",
    "dateUpdated": "2024-08-06T08:13:31.089Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-5516

Vulnerability from cvelistv5

Published

2016-01-20 16:00

Modified

2024-08-06 06:50

Severity ?

Summary

Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1034687	vdb-entry, x_refsource_SECTRACK
	http://www.securitytracker.com/id/1034686	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:50:02.860Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1034687",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034687"
          },
          {
            "name": "1034686",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034686"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-20T15:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1034687",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034687"
        },
        {
          "name": "1034686",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034686"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-5516",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1034687",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034687"
            },
            {
              "name": "1034686",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034686"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-5516",
    "datePublished": "2016-01-20T16:00:00",
    "dateReserved": "2015-07-13T00:00:00",
    "dateUpdated": "2024-08-06T06:50:02.860Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-6271

Vulnerability from cvelistv5

Published

2014-09-24 18:00

Modified

2024-08-06 12:10

Severity ?

Summary

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

References

▼	URL	Tags
	https://www.exploit-db.com/exploits/37816/	exploit, x_refsource_EXPLOIT-DB
	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577137423233&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142719845423222&w=2	vendor-advisory, x_refsource_HP
	https://www.exploit-db.com/exploits/39918/	exploit, x_refsource_EXPLOIT-DB
	http://marc.info/?l=bugtraq&m=141216668515282&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1295.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html	vendor-advisory, x_refsource_SUSE
	https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/	x_refsource_CONFIRM
	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383138121313&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/archive/1/533593/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142719845423222&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61188	third-party-advisory, x_refsource_SECUNIA
	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	x_refsource_CONFIRM
	http://jvn.jp/en/jp/JVN55667175/index.html	third-party-advisory, x_refsource_JVN
	http://secunia.com/advisories/61676	third-party-advisory, x_refsource_SECUNIA
	https://www.exploit-db.com/exploits/40619/	exploit, x_refsource_EXPLOIT-DB
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/60433	third-party-advisory, x_refsource_SECUNIA
	https://www.exploit-db.com/exploits/38849/	exploit, x_refsource_EXPLOIT-DB
	http://marc.info/?l=bugtraq&m=141383026420882&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141585637922673&w=2	vendor-advisory, x_refsource_HP
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=141576728022234&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	x_refsource_CONFIRM
	http://secunia.com/advisories/61715	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61816	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61442	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358078406056&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142805027510172&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61283	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	http://www.ubuntu.com/usn/USN-2362-1	vendor-advisory, x_refsource_UBUNTU
	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61654	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61542	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015701	x_refsource_CONFIRM
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	x_refsource_CONFIRM
	http://secunia.com/advisories/62312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59272	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141319209015420&w=2	vendor-advisory, x_refsource_HP
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61703	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT6495	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/252743	third-party-advisory, x_refsource_CERT-VN
	http://secunia.com/advisories/61065	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=141383196021590&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141383081521087&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/70103	vdb-entry, x_refsource_BID
	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	third-party-advisory, x_refsource_JVNDB
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://www.us-cert.gov/ncas/alerts/TA14-268A	third-party-advisory, x_refsource_CERT
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61641	third-party-advisory, x_refsource_SECUNIA
	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	x_refsource_CONFIRM
	https://access.redhat.com/node/1200223	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	vendor-advisory, x_refsource_APPLE
	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Oct/0	mailing-list, x_refsource_FULLDISC
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	vendor-advisory, x_refsource_MANDRIVA
	http://rhn.redhat.com/errata/RHSA-2014-1293.html	vendor-advisory, x_refsource_REDHAT
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60325	third-party-advisory, x_refsource_SECUNIA
	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	x_refsource_CONFIRM
	http://secunia.com/advisories/60024	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	x_refsource_MISC
	https://www.exploit-db.com/exploits/34879/	exploit, x_refsource_EXPLOIT-DB
	https://access.redhat.com/articles/1200223	x_refsource_CONFIRM
	http://secunia.com/advisories/62343	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61565	third-party-advisory, x_refsource_SECUNIA
	https://www.suse.com/support/shellshock/	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141450491804793&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61313	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61873	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61485	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60947	third-party-advisory, x_refsource_SECUNIA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	x_refsource_CONFIRM
	https://support.apple.com/kb/HT6535	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577297623641&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142546741516006&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383244821813&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60193	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	x_refsource_CONFIRM
	http://linux.oracle.com/errata/ELSA-2014-1294.html	x_refsource_CONFIRM
	http://secunia.com/advisories/60063	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html	x_refsource_MISC
	http://secunia.com/advisories/60034	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141330425327438&w=2	vendor-advisory, x_refsource_HP
	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	x_refsource_MISC
	http://secunia.com/advisories/59907	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58200	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141577241923505&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61643	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015721	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	x_refsource_CONFIRM
	http://secunia.com/advisories/61503	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-1354.html	vendor-advisory, x_refsource_REDHAT
	https://www.exploit-db.com/exploits/40938/	exploit, x_refsource_EXPLOIT-DB
	http://marc.info/?l=bugtraq&m=141216207813411&w=2	vendor-advisory, x_refsource_HP
	http://support.novell.com/security/cve/CVE-2014-6271.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	x_refsource_CONFIRM
	http://secunia.com/advisories/61547	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383465822787&w=2	vendor-advisory, x_refsource_HP
	http://www.qnap.com/i/en/support/con_show.php?cid=61	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141694386919794&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61552	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61780	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX200223	x_refsource_CONFIRM
	http://www.debian.org/security/2014/dsa-3032	vendor-advisory, x_refsource_DEBIAN
	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	x_refsource_CONFIRM
	http://secunia.com/advisories/62228	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141330468527613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61855	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141235957116749&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60044	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61291	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2014-1294.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=141345648114150&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59737	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61287	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383353622268&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	https://bugzilla.redhat.com/show_bug.cgi?id=1141597	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61711	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383304022067&w=2	vendor-advisory, x_refsource_HP
	http://advisories.mageia.org/MGASA-2014-0388.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61128	third-party-advisory, x_refsource_SECUNIA
	https://support.citrix.com/article/CTX200217	x_refsource_CONFIRM
	http://secunia.com/advisories/61471	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60055	third-party-advisory, x_refsource_SECUNIA
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	vendor-advisory, x_refsource_CISCO
	http://secunia.com/advisories/61550	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61633	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-1293.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	x_refsource_CONFIRM
	https://kb.bluecoat.com/index?page=content&id=SA82	x_refsource_CONFIRM
	http://secunia.com/advisories/61328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/42938/	exploit, x_refsource_EXPLOIT-DB
	http://secunia.com/advisories/61129	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61700	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61603	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61857	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html	x_refsource_MISC
	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:10:13.276Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "37816",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/37816/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
          },
          {
            "name": "SUSE-SU-2014:1223",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "name": "SSRT101816",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
          },
          {
            "name": "39918",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39918/"
          },
          {
            "name": "HPSBHF03119",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
          },
          {
            "name": "RHSA-2014:1295",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
          },
          {
            "name": "openSUSE-SU-2014:1226",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "name": "HPSBST03131",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "HPSBST03196",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
          },
          {
            "name": "61188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61188"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "61676",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61676"
          },
          {
            "name": "40619",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40619/"
          },
          {
            "name": "openSUSE-SU-2014:1254",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "38849",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/38849/"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
          },
          {
            "name": "SUSE-SU-2014:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
          },
          {
            "name": "61715",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61715"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "openSUSE-SU-2014:1310",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "HPSBST03195",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "name": "SSRT101711",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "name": "USN-2362-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2362-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "openSUSE-SU-2014:1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "name": "61542",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61542"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "name": "59272",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59272"
          },
          {
            "name": "HPSBST03122",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6495"
          },
          {
            "name": "VU#252743",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/252743"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "name": "SUSE-SU-2014:1213",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "70103",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70103"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "TA14-268A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
          },
          {
            "name": "SUSE-SU-2014:1212",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/node/1200223"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
          },
          {
            "name": "SUSE-SU-2014:1287",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "name": "APPLE-SA-2014-10-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "name": "RHSA-2014:1293",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "name": "openSUSE-SU-2014:1238",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60325"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "name": "34879",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/34879/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/articles/1200223"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61873"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "name": "60947",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60947"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6535"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "name": "HPSBST03265",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "HPSBMU03133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "name": "RHSA-2014:1354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
          },
          {
            "name": "40938",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40938/"
          },
          {
            "name": "HPSBGN03117",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "name": "61547",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61547"
          },
          {
            "name": "HPSBHF03145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "HPSBST03148",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "name": "61780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "name": "DSA-3032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
          },
          {
            "name": "62228",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62228"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "61855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61855"
          },
          {
            "name": "HPSBHF03124",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "RHSA-2014:1294",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "59737",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59737"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBHF03146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61711"
          },
          {
            "name": "HPSBOV03228",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "61471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61471"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "42938",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/42938/"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61700",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61700"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "name": "61857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\"  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-05T16:37:05",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "37816",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/37816/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
        },
        {
          "name": "SUSE-SU-2014:1223",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "name": "SSRT101816",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
        },
        {
          "name": "39918",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39918/"
        },
        {
          "name": "HPSBHF03119",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
        },
        {
          "name": "RHSA-2014:1295",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
        },
        {
          "name": "openSUSE-SU-2014:1226",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "name": "HPSBST03131",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "HPSBST03196",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
        },
        {
          "name": "61188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61188"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "61676",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61676"
        },
        {
          "name": "40619",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40619/"
        },
        {
          "name": "openSUSE-SU-2014:1254",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "38849",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/38849/"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
        },
        {
          "name": "SUSE-SU-2014:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
        },
        {
          "name": "61715",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61715"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "openSUSE-SU-2014:1310",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "HPSBST03195",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "name": "SSRT101711",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "name": "USN-2362-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2362-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "openSUSE-SU-2014:1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "name": "61542",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61542"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "name": "59272",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59272"
        },
        {
          "name": "HPSBST03122",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6495"
        },
        {
          "name": "VU#252743",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/252743"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "name": "SUSE-SU-2014:1213",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "70103",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70103"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "TA14-268A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
        },
        {
          "name": "SUSE-SU-2014:1212",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/node/1200223"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
        },
        {
          "name": "SUSE-SU-2014:1287",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "name": "APPLE-SA-2014-10-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "name": "RHSA-2014:1293",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "name": "openSUSE-SU-2014:1238",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60325"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "name": "34879",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/34879/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/articles/1200223"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61873"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "name": "60947",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60947"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6535"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "name": "HPSBST03265",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "HPSBMU03133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "name": "RHSA-2014:1354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
        },
        {
          "name": "40938",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40938/"
        },
        {
          "name": "HPSBGN03117",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "name": "61547",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61547"
        },
        {
          "name": "HPSBHF03145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "HPSBST03148",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "name": "61780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "name": "DSA-3032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
        },
        {
          "name": "62228",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62228"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "61855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61855"
        },
        {
          "name": "HPSBHF03124",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "RHSA-2014:1294",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "59737",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59737"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBHF03146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61711"
        },
        {
          "name": "HPSBOV03228",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "61471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61471"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "42938",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/42938/"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61700",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61700"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "name": "61857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2014-6271",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\"  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "37816",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/37816/"
            },
            {
              "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
            },
            {
              "name": "SUSE-SU-2014:1223",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "SSRT101816",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
            },
            {
              "name": "39918",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39918/"
            },
            {
              "name": "HPSBHF03119",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
            },
            {
              "name": "RHSA-2014:1295",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
            },
            {
              "name": "openSUSE-SU-2014:1226",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
            },
            {
              "name": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/",
              "refsource": "CONFIRM",
              "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "HPSBST03131",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "HPSBST03196",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
            },
            {
              "name": "61188",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61188"
            },
            {
              "name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
              "refsource": "CONFIRM",
              "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "61676",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61676"
            },
            {
              "name": "40619",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40619/"
            },
            {
              "name": "openSUSE-SU-2014:1254",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "38849",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/38849/"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
            },
            {
              "name": "SUSE-SU-2014:1260",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
            },
            {
              "name": "61715",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61715"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "openSUSE-SU-2014:1310",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "HPSBST03195",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "SSRT101711",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "USN-2362-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2362-1"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "openSUSE-SU-2014:1308",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "61542",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61542"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015701",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "59272",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59272"
            },
            {
              "name": "HPSBST03122",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "http://support.apple.com/kb/HT6495",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6495"
            },
            {
              "name": "VU#252743",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/252743"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "SUSE-SU-2014:1213",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "70103",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70103"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "TA14-268A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
            },
            {
              "name": "SUSE-SU-2014:1212",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "https://access.redhat.com/node/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/node/1200223"
            },
            {
              "name": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
            },
            {
              "name": "SUSE-SU-2014:1287",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "APPLE-SA-2014-10-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "RHSA-2014:1293",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "openSUSE-SU-2014:1238",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60325",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60325"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "34879",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/34879/"
            },
            {
              "name": "https://access.redhat.com/articles/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/articles/1200223"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61873"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "60947",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60947"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "https://support.apple.com/kb/HT6535",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6535"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "HPSBST03265",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1294.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "HPSBMU03133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "RHSA-2014:1354",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
            },
            {
              "name": "40938",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40938/"
            },
            {
              "name": "HPSBGN03117",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-6271.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "61547",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61547"
            },
            {
              "name": "HPSBHF03145",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "HPSBST03148",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "61780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61780"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "DSA-3032",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3032"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
            },
            {
              "name": "62228",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62228"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "61855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61855"
            },
            {
              "name": "HPSBHF03124",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "RHSA-2014:1294",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "59737",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59737"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBHF03146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61711",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61711"
            },
            {
              "name": "HPSBOV03228",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0388.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "61471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61471"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1293.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "42938",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/42938/"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61700",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61700"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "61857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            },
            {
              "name": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2014-6271",
    "datePublished": "2014-09-24T18:00:00",
    "dateReserved": "2014-09-09T00:00:00",
    "dateUpdated": "2024-08-06T12:10:13.276Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-3188

Vulnerability from cvelistv5

Published

2012-05-24 23:00

Modified

2024-08-06 23:22

Severity ?

Summary

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2011/08/23/2	mailing-list, x_refsource_MLIST
	https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec	x_refsource_CONFIRM
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=732658	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=139447903326211&w=2	vendor-advisory, x_refsource_HP
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f	x_refsource_CONFIRM
	https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:22:27.694Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "name": "[oss-security] 20110823 Re: CVE request: kernel: change in how tcp seq numbers are generated",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
          },
          {
            "name": "HPSBGN02970",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-18T23:06:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
        },
        {
          "name": "[oss-security] 20110823 Re: CVE request: kernel: change in how tcp seq numbers are generated",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
        },
        {
          "name": "HPSBGN02970",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-3188",
    "datePublished": "2012-05-24T23:00:00",
    "dateReserved": "2011-08-19T00:00:00",
    "dateUpdated": "2024-08-06T23:22:27.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-6031

Vulnerability from cvelistv5

Published

2017-06-08 16:00

Modified

2024-08-06 12:03

Severity ?

Summary

Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors.

References

▼	URL	Tags
	https://support.f5.com/csp/article/K16196	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:03:02.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K16196"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-08T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K16196"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-6031",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K16196",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K16196"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-6031",
    "datePublished": "2017-06-08T16:00:00",
    "dateReserved": "2014-09-01T00:00:00",
    "dateUpdated": "2024-08-06T12:03:02.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-4047

Vulnerability from cvelistv5

Published

2015-05-29 15:00

Modified

2024-08-06 06:04

Severity ?

Summary

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.

References

▼	URL	Tags
	http://www.debian.org/security/2015/dsa-3272	vendor-advisory, x_refsource_DEBIAN
	http://seclists.org/fulldisclosure/2015/May/83	mailing-list, x_refsource_FULLDISC
	http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html	vendor-advisory, x_refsource_FEDORA
	http://seclists.org/fulldisclosure/2015/May/81	mailing-list, x_refsource_FULLDISC
	http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html	vendor-advisory, x_refsource_FEDORA
	https://www.altsci.com/ipsec/ipsec-tools-sa.html	x_refsource_MISC
	http://www.securitytracker.com/id/1032397	vdb-entry, x_refsource_SECTRACK
	http://www.openwall.com/lists/oss-security/2015/05/20/1	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/74739	vdb-entry, x_refsource_BID
	http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html	x_refsource_MISC
	http://www.ubuntu.com/usn/USN-2623-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2015/05/21/11	mailing-list, x_refsource_MLIST
	https://support.f5.com/csp/article/K05013313	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:04:02.635Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-3272",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3272"
          },
          {
            "name": "20150520 Re: 0-day Denial of Service in IPsec-Tools",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2015/May/83"
          },
          {
            "name": "FEDORA-2015-8968",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
          },
          {
            "name": "20150519 0-day Denial of Service in IPsec-Tools",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2015/May/81"
          },
          {
            "name": "FEDORA-2015-8948",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
          },
          {
            "name": "1032397",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032397"
          },
          {
            "name": "[oss-security] 20150519 CVE Request: ipsec-tools",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
          },
          {
            "name": "74739",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74739"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
          },
          {
            "name": "USN-2623-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2623-1"
          },
          {
            "name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K05013313"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-26T14:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-3272",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3272"
        },
        {
          "name": "20150520 Re: 0-day Denial of Service in IPsec-Tools",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2015/May/83"
        },
        {
          "name": "FEDORA-2015-8968",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
        },
        {
          "name": "20150519 0-day Denial of Service in IPsec-Tools",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2015/May/81"
        },
        {
          "name": "FEDORA-2015-8948",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
        },
        {
          "name": "1032397",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032397"
        },
        {
          "name": "[oss-security] 20150519 CVE Request: ipsec-tools",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
        },
        {
          "name": "74739",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74739"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
        },
        {
          "name": "USN-2623-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2623-1"
        },
        {
          "name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K05013313"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-4047",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-3272",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3272"
            },
            {
              "name": "20150520 Re: 0-day Denial of Service in IPsec-Tools",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2015/May/83"
            },
            {
              "name": "FEDORA-2015-8968",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
            },
            {
              "name": "20150519 0-day Denial of Service in IPsec-Tools",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2015/May/81"
            },
            {
              "name": "FEDORA-2015-8948",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
            },
            {
              "name": "https://www.altsci.com/ipsec/ipsec-tools-sa.html",
              "refsource": "MISC",
              "url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
            },
            {
              "name": "1032397",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032397"
            },
            {
              "name": "[oss-security] 20150519 CVE Request: ipsec-tools",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
            },
            {
              "name": "74739",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74739"
            },
            {
              "name": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
            },
            {
              "name": "USN-2623-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2623-1"
            },
            {
              "name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
            },
            {
              "name": "https://support.f5.com/csp/article/K05013313",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K05013313"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-4047",
    "datePublished": "2015-05-29T15:00:00",
    "dateReserved": "2015-05-20T00:00:00",
    "dateUpdated": "2024-08-06T06:04:02.635Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-3959

Vulnerability from cvelistv5

Published

2014-06-03 14:00

Modified

2024-08-06 10:57

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

References

▼	URL	Tags
	http://secunia.com/advisories/58969	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id/1030319	vdb-entry, x_refsource_SECTRACK
	http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1030320	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/67771	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:57:18.087Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "58969",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58969"
          },
          {
            "name": "1030319",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030319"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
          },
          {
            "name": "1030320",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030320"
          },
          {
            "name": "67771",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67771"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-06-06T13:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "58969",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58969"
        },
        {
          "name": "1030319",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030319"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
        },
        {
          "name": "1030320",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030320"
        },
        {
          "name": "67771",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67771"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3959",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "58969",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58969"
            },
            {
              "name": "1030319",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030319"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
            },
            {
              "name": "1030320",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030320"
            },
            {
              "name": "67771",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67771"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-3959",
    "datePublished": "2014-06-03T14:00:00",
    "dateReserved": "2014-06-03T00:00:00",
    "dateUpdated": "2024-08-06T10:57:18.087Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5736

Vulnerability from cvelistv5

Published

2016-08-19 21:00

Modified

2024-08-06 01:07

Severity ?

Summary

The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1036618	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:07:59.959Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036618",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036618"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-08-19T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036618",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036618"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5736",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036618",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036618"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5736",
    "datePublished": "2016-08-19T21:00:00",
    "dateReserved": "2016-06-21T00:00:00",
    "dateUpdated": "2024-08-06T01:07:59.959Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7469

Vulnerability from cvelistv5

Published

2017-06-09 15:00

Modified

2024-08-06 01:57

Severity ?

Summary

A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.

References

▼	URL	Tags
	https://support.f5.com/csp/article/K97285349	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037559	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/95320	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1037560	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

F5 Networks, Inc.

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe

Version: 12.0.0 - 12.1.2
Version: 11.4.0 - 11.6.1
Version: 11.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.636Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K97285349"
          },
          {
            "name": "1037559",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037559"
          },
          {
            "name": "95320",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95320"
          },
          {
            "name": "1037560",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037560"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "12.0.0 - 12.1.2"
            },
            {
              "status": "affected",
              "version": "11.4.0 - 11.6.1"
            },
            {
              "status": "affected",
              "version": "11.2.1"
            }
          ]
        }
      ],
      "datePublic": "2017-06-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "cross-site scripting (XSS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-26T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K97285349"
        },
        {
          "name": "1037559",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037559"
        },
        {
          "name": "95320",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95320"
        },
        {
          "name": "1037560",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037560"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-7469",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "12.0.0 - 12.1.2"
                          },
                          {
                            "version_value": "11.4.0 - 11.6.1"
                          },
                          {
                            "version_value": "11.2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "cross-site scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K97285349",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K97285349"
            },
            {
              "name": "1037559",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037559"
            },
            {
              "name": "95320",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95320"
            },
            {
              "name": "1037560",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037560"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-7469",
    "datePublished": "2017-06-09T15:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.636Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-2928

Vulnerability from cvelistv5

Published

2014-05-12 14:00

Modified

2024-08-06 10:28

Severity ?

Summary

The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request.

References

▼	URL	Tags
	http://seclists.org/fulldisclosure/2014/May/32	mailing-list, x_refsource_FULLDISC
	http://www.exploit-db.com/exploits/34927	exploit, x_refsource_EXPLOIT-DB
	http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html	x_refsource_CONFIRM
	http://www.osvdb.org/106728	vdb-entry, x_refsource_OSVDB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:28:46.191Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20140507 Moar F5 fun in iControl API",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/May/32"
          },
          {
            "name": "34927",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/34927"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
          },
          {
            "name": "106728",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/106728"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-11-14T14:57:00",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "20140507 Moar F5 fun in iControl API",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/May/32"
        },
        {
          "name": "34927",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/34927"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
        },
        {
          "name": "106728",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/106728"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2014-2928",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20140507 Moar F5 fun in iControl API",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/May/32"
            },
            {
              "name": "34927",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/34927"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
            },
            {
              "name": "106728",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/106728"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2014-2928",
    "datePublished": "2014-05-12T14:00:00",
    "dateReserved": "2014-04-21T00:00:00",
    "dateUpdated": "2024-08-06T10:28:46.191Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-0196

Vulnerability from cvelistv5

Published

2014-05-07 10:00

Modified

2024-08-06 09:05

Severity ?

Summary

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-2203-1	vendor-advisory, x_refsource_UBUNTU
	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html	x_refsource_CONFIRM
	http://www.osvdb.org/106646	vdb-entry, x_refsource_OSVDB
	http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2014/05/05/6	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/59262	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2204-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/59218	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2202-1	vendor-advisory, x_refsource_UBUNTU
	http://www.exploit-db.com/exploits/33516	exploit, x_refsource_EXPLOIT-DB
	http://www.debian.org/security/2014/dsa-2928	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2199-1	vendor-advisory, x_refsource_UBUNTU
	http://linux.oracle.com/errata/ELSA-2014-0771.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1094232	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2197-1	vendor-advisory, x_refsource_UBUNTU
	http://source.android.com/security/bulletin/2016-07-01.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0512.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59599	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2014/dsa-2926	vendor-advisory, x_refsource_DEBIAN
	https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://pastebin.com/raw.php?i=yTSFUBgZ	x_refsource_MISC
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00	x_refsource_CONFIRM
	http://bugzilla.novell.com/show_bug.cgi?id=875690	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2198-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2200-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2201-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2196-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:39.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2203-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2203-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
          },
          {
            "name": "106646",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/106646"
          },
          {
            "name": "SUSE-SU-2014:0683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
          },
          {
            "name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
          },
          {
            "name": "59262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59262"
          },
          {
            "name": "USN-2204-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2204-1"
          },
          {
            "name": "59218",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59218"
          },
          {
            "name": "USN-2202-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2202-1"
          },
          {
            "name": "33516",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/33516"
          },
          {
            "name": "DSA-2928",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2928"
          },
          {
            "name": "USN-2199-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2199-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
          },
          {
            "name": "USN-2197-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2197-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://source.android.com/security/bulletin/2016-07-01.html"
          },
          {
            "name": "RHSA-2014:0512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
          },
          {
            "name": "59599",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59599"
          },
          {
            "name": "DSA-2926",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2926"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
          },
          {
            "name": "SUSE-SU-2014:0667",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
          },
          {
            "name": "USN-2198-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2198-1"
          },
          {
            "name": "USN-2200-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2200-1"
          },
          {
            "name": "USN-2201-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2201-1"
          },
          {
            "name": "USN-2196-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2196-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO \u0026 !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-05T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-2203-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2203-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
        },
        {
          "name": "106646",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/106646"
        },
        {
          "name": "SUSE-SU-2014:0683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
        },
        {
          "name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
        },
        {
          "name": "59262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59262"
        },
        {
          "name": "USN-2204-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2204-1"
        },
        {
          "name": "59218",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59218"
        },
        {
          "name": "USN-2202-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2202-1"
        },
        {
          "name": "33516",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/33516"
        },
        {
          "name": "DSA-2928",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2928"
        },
        {
          "name": "USN-2199-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2199-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
        },
        {
          "name": "USN-2197-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2197-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://source.android.com/security/bulletin/2016-07-01.html"
        },
        {
          "name": "RHSA-2014:0512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
        },
        {
          "name": "59599",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59599"
        },
        {
          "name": "DSA-2926",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2926"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
        },
        {
          "name": "SUSE-SU-2014:0667",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
        },
        {
          "name": "USN-2198-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2198-1"
        },
        {
          "name": "USN-2200-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2200-1"
        },
        {
          "name": "USN-2201-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2201-1"
        },
        {
          "name": "USN-2196-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2196-1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0196",
    "datePublished": "2014-05-07T10:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:39.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-5209

Vulnerability from cvelistv5

Published

2020-01-08 00:29

Modified

2024-08-06 11:41

Severity ?

Summary

An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.

References

▼	URL	Tags
	https://support.f5.com/csp/article/K44942017	x_refsource_CONFIRM
	https://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSS	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/95841	x_refsource_MISC
	https://support.f5.com/csp/article/K44942017	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

NTP

Version: 4.2.7p25

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:41:47.478Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K44942017"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K44942017"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NTP",
          "vendor": "NTP",
          "versions": [
            {
              "status": "affected",
              "version": "4.2.7p25"
            }
          ]
        }
      ],
      "datePublic": "2014-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-08T00:31:11",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K44942017"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K44942017"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2014-5209",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NTP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.2.7p25"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NTP"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K44942017",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K44942017"
            },
            {
              "name": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
            },
            {
              "name": "https://support.f5.com/csp/article/K44942017",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K44942017"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2014-5209",
    "datePublished": "2020-01-08T00:29:42",
    "dateReserved": "2014-08-13T00:00:00",
    "dateUpdated": "2024-08-06T11:41:47.478Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-4024

Vulnerability from cvelistv5

Published

2018-03-19 21:00

Modified

2024-08-06 11:04

Severity ?

Summary

SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/95834	vdb-entry, x_refsource_XF
	https://support.f5.com/csp/article/K15500	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:04:28.082Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "f5-cve20144024-info-disc(95834)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K15500"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-19T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "f5-cve20144024-info-disc(95834)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K15500"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-4024",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "f5-cve20144024-info-disc(95834)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
            },
            {
              "name": "https://support.f5.com/csp/article/K15500",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K15500"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-4024",
    "datePublished": "2018-03-19T21:00:00",
    "dateReserved": "2014-06-11T00:00:00",
    "dateUpdated": "2024-08-06T11:04:28.082Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-1497

Vulnerability from cvelistv5

Published

2016-08-26 14:00

Modified

2024-08-05 22:55

Severity ?

Summary

The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors.

References

▼	URL	Tags
	https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/92671	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1036631	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:55:14.889Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
          },
          {
            "name": "92671",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92671"
          },
          {
            "name": "1036631",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036631"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
        },
        {
          "name": "92671",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92671"
        },
        {
          "name": "1036631",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036631"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-1497",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
            },
            {
              "name": "92671",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92671"
            },
            {
              "name": "1036631",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036631"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-1497",
    "datePublished": "2016-08-26T14:00:00",
    "dateReserved": "2016-01-06T00:00:00",
    "dateUpdated": "2024-08-05T22:55:14.889Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8021

Vulnerability from cvelistv5

Published

2016-04-12 14:00

Modified

2024-08-06 08:06

Severity ?

Summary

Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/82340	vdb-entry, x_refsource_BID
	https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1034781	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:06:31.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "82340",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/82340"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
          },
          {
            "name": "1034781",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034781"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "82340",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/82340"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
        },
        {
          "name": "1034781",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034781"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8021",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "82340",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/82340"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
            },
            {
              "name": "1034781",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034781"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8021",
    "datePublished": "2016-04-12T14:00:00",
    "dateReserved": "2015-10-28T00:00:00",
    "dateUpdated": "2024-08-06T08:06:31.555Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-2927

Vulnerability from cvelistv5

Published

2014-10-15 14:00

Modified

2024-08-06 10:28

Severity ?

Summary

The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.

References

▼	URL	Tags
	https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html	x_refsource_CONFIRM
	http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf	x_refsource_MISC
	http://www.exploit-db.com/exploits/34465	exploit, x_refsource_EXPLOIT-DB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:28:46.416Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
          },
          {
            "name": "34465",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/34465"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-08-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-10-15T11:57:00",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
        },
        {
          "name": "34465",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/34465"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2014-2927",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
            },
            {
              "name": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf",
              "refsource": "MISC",
              "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
            },
            {
              "name": "34465",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/34465"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2014-2927",
    "datePublished": "2014-10-15T14:00:00",
    "dateReserved": "2014-04-21T00:00:00",
    "dateUpdated": "2024-08-06T10:28:46.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5023

Vulnerability from cvelistv5

Published

2016-08-26 14:00

Modified

2024-08-06 00:46

Severity ?

Summary

Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1036624	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/92670	vdb-entry, x_refsource_BID
	https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:46:40.242Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036624",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036624"
          },
          {
            "name": "92670",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92670"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036624",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036624"
        },
        {
          "name": "92670",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92670"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5023",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036624",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036624"
            },
            {
              "name": "92670",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92670"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5023",
    "datePublished": "2016-08-26T14:00:00",
    "dateReserved": "2016-05-24T00:00:00",
    "dateUpdated": "2024-08-06T00:46:40.242Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-2084

Vulnerability from cvelistv5

Published

2016-04-13 16:00

Modified

2024-08-05 23:17

Severity ?

Summary

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1035520	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:17:50.544Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1035520",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035520"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-04-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-04-13T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1035520",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035520"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2084",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1035520",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035520"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2084",
    "datePublished": "2016-04-13T16:00:00",
    "dateReserved": "2016-01-27T00:00:00",
    "dateUpdated": "2024-08-05T23:17:50.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-4040

Vulnerability from cvelistv5

Published

2015-09-17 16:00

Modified

2024-08-06 06:04

Severity ?

Summary

Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.

References

▼	URL	Tags
	http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html	x_refsource_MISC
	http://www.securitytracker.com/id/1033533	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1033532	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:04:02.664Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
          },
          {
            "name": "1033533",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033533"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
          },
          {
            "name": "1033532",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033532"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
        },
        {
          "name": "1033533",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033533"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
        },
        {
          "name": "1033532",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033532"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-4040",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
            },
            {
              "name": "1033533",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033533"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
            },
            {
              "name": "1033532",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033532"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-4040",
    "datePublished": "2015-09-17T16:00:00",
    "dateReserved": "2015-05-19T00:00:00",
    "dateUpdated": "2024-08-06T06:04:02.664Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-7394

Vulnerability from cvelistv5

Published

2015-11-06 18:00

Modified

2024-08-06 07:51

Severity ?

Summary

The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1034025	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1034026	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:27.365Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1034025",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034025"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
          },
          {
            "name": "1034026",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034026"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-11-06T17:57:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1034025",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034025"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
        },
        {
          "name": "1034026",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034026"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7394",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1034025",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034025"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
            },
            {
              "name": "1034026",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034026"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-7394",
    "datePublished": "2015-11-06T18:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:27.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5022

Vulnerability from cvelistv5

Published

2016-09-07 19:00

Modified

2024-08-06 00:46

Severity ?

Summary

F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1036710	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1036709	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:46:40.240Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036710",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036710"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
          },
          {
            "name": "1036709",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036709"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-09-07T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036710",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036710"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
        },
        {
          "name": "1036709",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036709"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5022",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036710",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036710"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
            },
            {
              "name": "1036709",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036709"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5022",
    "datePublished": "2016-09-07T19:00:00",
    "dateReserved": "2016-05-24T00:00:00",
    "dateUpdated": "2024-08-06T00:46:40.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-6546

Vulnerability from cvelistv5

Published

2015-11-06 18:00

Modified

2024-08-06 07:22

Severity ?

Summary

The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via "malicious traffic."

References

▼	URL	Tags
	http://www.securitytracker.com/id/1033952	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:22:22.257Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1033952",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033952"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via \"malicious traffic.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-11-06T17:57:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1033952",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033952"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-6546",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via \"malicious traffic.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1033952",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033952"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-6546",
    "datePublished": "2015-11-06T18:00:00",
    "dateReserved": "2015-08-20T00:00:00",
    "dateUpdated": "2024-08-06T07:22:22.257Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8022

Vulnerability from cvelistv5

Published

2016-08-19 21:00

Modified

2024-08-06 08:06

Severity ?

Summary

The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads.

References

▼	URL	Tags
	https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1036627	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:06:31.559Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
          },
          {
            "name": "1036627",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036627"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-08-19T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
        },
        {
          "name": "1036627",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036627"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8022",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
            },
            {
              "name": "1036627",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036627"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8022",
    "datePublished": "2016-08-19T21:00:00",
    "dateReserved": "2015-10-28T00:00:00",
    "dateUpdated": "2024-08-06T08:06:31.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-6032

Vulnerability from cvelistv5

Published

2014-11-01 23:00

Modified

2024-08-06 12:03

Severity ?

Summary

Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1031145	vdb-entry, x_refsource_SECTRACK
	https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/	x_refsource_MISC
	http://www.securitytracker.com/id/1031144	vdb-entry, x_refsource_SECTRACK
	http://seclists.org/fulldisclosure/2014/Oct/128	mailing-list, x_refsource_FULLDISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/98403	vdb-entry, x_refsource_XF
	https://exchange.xforce.ibmcloud.com/vulnerabilities/98402	vdb-entry, x_refsource_XF
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Oct/129	mailing-list, x_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2014/Oct/130	mailing-list, x_refsource_FULLDISC
	http://www.securityfocus.com/bid/70834	vdb-entry, x_refsource_BID
	http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html	x_refsource_MISC
	https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:03:02.334Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1031145",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031145"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
          },
          {
            "name": "1031144",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031144"
          },
          {
            "name": "20141030 CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
          },
          {
            "name": "bigip-cve20146033-info-disc(98403)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
          },
          {
            "name": "bigip-cve20146032-info-disc(98402)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
          },
          {
            "name": "20141030 CVE-2014-6033 - XML External Entity Injection in F5 Networks Big-IP",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
          },
          {
            "name": "20141030 Re: CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
          },
          {
            "name": "70834",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70834"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1031145",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031145"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
        },
        {
          "name": "1031144",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031144"
        },
        {
          "name": "20141030 CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
        },
        {
          "name": "bigip-cve20146033-info-disc(98403)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
        },
        {
          "name": "bigip-cve20146032-info-disc(98402)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
        },
        {
          "name": "20141030 CVE-2014-6033 - XML External Entity Injection in F5 Networks Big-IP",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
        },
        {
          "name": "20141030 Re: CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
        },
        {
          "name": "70834",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70834"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-6032",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1031145",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031145"
            },
            {
              "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/",
              "refsource": "MISC",
              "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
            },
            {
              "name": "1031144",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031144"
            },
            {
              "name": "20141030 CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
            },
            {
              "name": "bigip-cve20146033-info-disc(98403)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
            },
            {
              "name": "bigip-cve20146032-info-disc(98402)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
            },
            {
              "name": "20141030 CVE-2014-6033 - XML External Entity Injection in F5 Networks Big-IP",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
            },
            {
              "name": "20141030 Re: CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
            },
            {
              "name": "70834",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70834"
            },
            {
              "name": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
            },
            {
              "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/",
              "refsource": "MISC",
              "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-6032",
    "datePublished": "2014-11-01T23:00:00",
    "dateReserved": "2014-09-01T00:00:00",
    "dateUpdated": "2024-08-06T12:03:02.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5020

Vulnerability from cvelistv5

Published

2016-06-30 17:00

Modified

2024-08-06 00:46

Severity ?

Summary

F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1036131	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/91532	vdb-entry, x_refsource_BID
	https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:46:40.216Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036131",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036131"
          },
          {
            "name": "91532",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91532"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036131",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036131"
        },
        {
          "name": "91532",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91532"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5020",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036131",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036131"
            },
            {
              "name": "91532",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91532"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5020",
    "datePublished": "2016-06-30T17:00:00",
    "dateReserved": "2016-05-24T00:00:00",
    "dateUpdated": "2024-08-06T00:46:40.216Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-6876

Vulnerability from cvelistv5

Published

2016-09-07 19:00

Modified

2024-08-06 01:43

Severity ?

Summary

The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1036725	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:43:38.465Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036725",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036725"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-09-07T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036725",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036725"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-6876",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036725",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036725"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-6876",
    "datePublished": "2016-09-07T19:00:00",
    "dateReserved": "2016-08-18T00:00:00",
    "dateUpdated": "2024-08-06T01:43:38.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-3000

Vulnerability from cvelistv5

Published

2014-01-30 15:00

Modified

2024-08-06 19:50

Severity ?

Summary

Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter.

References

▼	URL	Tags
	http://secunia.com/advisories/51867	third-party-advisory, x_refsource_SECUNIA
	http://osvdb.org/89446	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/bid/57500	vdb-entry, x_refsource_BID
	http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/81457	vdb-entry, x_refsource_XF
	https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt	x_refsource_MISC
	http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html	mailing-list, x_refsource_BUGTRAQ
	http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:50:05.449Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "51867",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51867"
          },
          {
            "name": "89446",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/89446"
          },
          {
            "name": "57500",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57500"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
          },
          {
            "name": "f5bigip-sql-injection(81457)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
          },
          {
            "name": "20130122 SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "51867",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51867"
        },
        {
          "name": "89446",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/89446"
        },
        {
          "name": "57500",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57500"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
        },
        {
          "name": "f5bigip-sql-injection(81457)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
        },
        {
          "name": "20130122 SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2012-3000",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "51867",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51867"
            },
            {
              "name": "89446",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/89446"
            },
            {
              "name": "57500",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57500"
            },
            {
              "name": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
            },
            {
              "name": "f5bigip-sql-injection(81457)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
            },
            {
              "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt",
              "refsource": "MISC",
              "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
            },
            {
              "name": "20130122 SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2012-3000",
    "datePublished": "2014-01-30T15:00:00",
    "dateReserved": "2012-05-30T00:00:00",
    "dateUpdated": "2024-08-06T19:50:05.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-3163

Vulnerability from cvelistv5

Published

2012-10-17 00:00

Modified

2024-08-06 19:57

Severity ?

Summary

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.

References

▼	URL	Tags
	http://secunia.com/advisories/51177	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/56509	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2012-1462.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/53372	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201308-06.xml	vendor-advisory, x_refsource_GENTOO
	http://www.debian.org/security/2012/dsa-2581	vendor-advisory, x_refsource_DEBIAN
	http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	x_refsource_CONFIRM
	http://secunia.com/advisories/51309	third-party-advisory, x_refsource_SECUNIA
	http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/79381	vdb-entry, x_refsource_XF
	http://www.ubuntu.com/usn/USN-1621-1	vendor-advisory, x_refsource_UBUNTU
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/56513	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:57:49.804Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "51177",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51177"
          },
          {
            "name": "56509",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56509"
          },
          {
            "name": "RHSA-2012:1462",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
          },
          {
            "name": "53372",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/53372"
          },
          {
            "name": "GLSA-201308-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
          },
          {
            "name": "DSA-2581",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
          },
          {
            "name": "51309",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51309"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
          },
          {
            "name": "mysqlserver-informationschema-cve20123163(79381)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
          },
          {
            "name": "USN-1621-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1621-1"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "56513",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56513"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "51177",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51177"
        },
        {
          "name": "56509",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56509"
        },
        {
          "name": "RHSA-2012:1462",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
        },
        {
          "name": "53372",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/53372"
        },
        {
          "name": "GLSA-201308-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
        },
        {
          "name": "DSA-2581",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
        },
        {
          "name": "51309",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51309"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
        },
        {
          "name": "mysqlserver-informationschema-cve20123163(79381)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
        },
        {
          "name": "USN-1621-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1621-1"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        },
        {
          "name": "56513",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56513"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2012-3163",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "51177",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51177"
            },
            {
              "name": "56509",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56509"
            },
            {
              "name": "RHSA-2012:1462",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
            },
            {
              "name": "53372",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/53372"
            },
            {
              "name": "GLSA-201308-06",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
            },
            {
              "name": "DSA-2581",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2581"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
            },
            {
              "name": "51309",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51309"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
            },
            {
              "name": "mysqlserver-informationschema-cve20123163(79381)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
            },
            {
              "name": "USN-1621-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1621-1"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "56513",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56513"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2012-3163",
    "datePublished": "2012-10-17T00:00:00",
    "dateReserved": "2012-06-06T00:00:00",
    "dateUpdated": "2024-08-06T19:57:49.804Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-7169

Vulnerability from cvelistv5

Published

2014-09-25 01:00

Modified

2024-08-06 12:40

Severity ?

Summary

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

References

▼	URL	Tags
	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	x_refsource_MISC
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2014/09/24/32	mailing-list, x_refsource_MLIST
	http://marc.info/?l=bugtraq&m=141577137423233&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141216668515282&w=2	vendor-advisory, x_refsource_HP
	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383138121313&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/archive/1/533593/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	x_refsource_CONFIRM
	http://secunia.com/advisories/61188	third-party-advisory, x_refsource_SECUNIA
	http://jvn.jp/en/jp/JVN55667175/index.html	third-party-advisory, x_refsource_JVN
	http://secunia.com/advisories/61676	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/60433	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383026420882&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141585637922673&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1306.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=141576728022234&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	x_refsource_CONFIRM
	http://secunia.com/advisories/61715	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-2363-2	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61816	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61442	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358078406056&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142805027510172&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61283	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61654	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/support/kb/doc.php?id=7015701	x_refsource_CONFIRM
	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	x_refsource_CONFIRM
	http://secunia.com/advisories/62312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59272	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141319209015420&w=2	vendor-advisory, x_refsource_HP
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1312.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2363-1	vendor-advisory, x_refsource_UBUNTU
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61703	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT6495	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/252743	third-party-advisory, x_refsource_CERT-VN
	http://secunia.com/advisories/61065	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-3075.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383196021590&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=141383081521087&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	x_refsource_CONFIRM
	http://support.novell.com/security/cve/CVE-2014-7169.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	x_refsource_CONFIRM
	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	third-party-advisory, x_refsource_JVNDB
	http://marc.info/?l=bugtraq&m=141879528318582&w=2	vendor-advisory, x_refsource_HP
	http://www.us-cert.gov/ncas/alerts/TA14-268A	third-party-advisory, x_refsource_CERT
	http://secunia.com/advisories/61641	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html	vendor-advisory, x_refsource_SUSE
	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	x_refsource_CONFIRM
	https://access.redhat.com/node/1200223	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	vendor-advisory, x_refsource_APPLE
	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Oct/0	mailing-list, x_refsource_FULLDISC
	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/61619	third-party-advisory, x_refsource_SECUNIA
	http://linux.oracle.com/errata/ELSA-2014-3078.html	x_refsource_CONFIRM
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142721162228379&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60325	third-party-advisory, x_refsource_SECUNIA
	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	x_refsource_CONFIRM
	http://secunia.com/advisories/60024	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	x_refsource_MISC
	https://www.exploit-db.com/exploits/34879/	exploit, x_refsource_EXPLOIT-DB
	http://secunia.com/advisories/61622	third-party-advisory, x_refsource_SECUNIA
	https://access.redhat.com/articles/1200223	x_refsource_CONFIRM
	http://secunia.com/advisories/62343	third-party-advisory, x_refsource_SECUNIA
	http://advisories.mageia.org/MGASA-2014-0393.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61565	third-party-advisory, x_refsource_SECUNIA
	https://www.suse.com/support/shellshock/	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141450491804793&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61313	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142358026505815&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61873	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61485	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61618	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60947	third-party-advisory, x_refsource_SECUNIA
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	x_refsource_CONFIRM
	https://support.apple.com/kb/HT6535	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141577297623641&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383244821813&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60193	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	x_refsource_CONFIRM
	http://secunia.com/advisories/61479	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60063	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60034	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141330425327438&w=2	vendor-advisory, x_refsource_HP
	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	x_refsource_MISC
	http://secunia.com/advisories/59907	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/58200	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141577241923505&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61643	third-party-advisory, x_refsource_SECUNIA
	http://twitter.com/taviso/statuses/514887394294652929	x_refsource_MISC
	http://www.novell.com/support/kb/doc.php?id=7015721	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	x_refsource_CONFIRM
	http://secunia.com/advisories/61503	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-1354.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=141216207813411&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383465822787&w=2	vendor-advisory, x_refsource_HP
	http://www.qnap.com/i/en/support/con_show.php?cid=61	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141694386919794&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61552	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61780	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX200223	x_refsource_CONFIRM
	http://linux.oracle.com/errata/ELSA-2014-3077.html	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	x_refsource_CONFIRM
	http://secunia.com/advisories/62228	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141330468527613&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61855	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141235957116749&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/60044	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61291	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141345648114150&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/59737	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61287	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=141383353622268&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=142118135300698&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/61711	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=142113462216480&w=2	vendor-advisory, x_refsource_HP
	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=141383304022067&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1311.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/61128	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2014/dsa-3035	vendor-advisory, x_refsource_DEBIAN
	https://support.citrix.com/article/CTX200217	x_refsource_CONFIRM
	http://secunia.com/advisories/61471	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60055	third-party-advisory, x_refsource_SECUNIA
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	vendor-advisory, x_refsource_CISCO
	http://secunia.com/advisories/61550	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61633	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	x_refsource_CONFIRM
	http://linux.oracle.com/errata/ELSA-2014-1306.html	x_refsource_CONFIRM
	https://kb.bluecoat.com/index?page=content&id=SA82	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/61328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	x_refsource_CONFIRM
	http://secunia.com/advisories/61129	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61700	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61626	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61603	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61857	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	x_refsource_CONFIRM
	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:40:19.217Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "name": "HPSBHF03119",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "name": "HPSBST03131",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2014:1229",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "61188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61188"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "61676",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61676"
          },
          {
            "name": "openSUSE-SU-2014:1254",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "name": "RHSA-2014:1306",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
          },
          {
            "name": "61715",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61715"
          },
          {
            "name": "USN-2363-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2363-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "openSUSE-SU-2014:1310",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "HPSBST03195",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "name": "SSRT101711",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "openSUSE-SU-2014:1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "name": "59272",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59272"
          },
          {
            "name": "HPSBST03122",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "RHSA-2014:1312",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "USN-2363-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2363-1"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6495"
          },
          {
            "name": "VU#252743",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/252743"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "TA14-268A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "name": "SUSE-SU-2014:1247",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/node/1200223"
          },
          {
            "name": "SUSE-SU-2014:1287",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "name": "APPLE-SA-2014-10-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "name": "61619",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61619"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60325"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "name": "34879",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/34879/"
          },
          {
            "name": "61622",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61622"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/articles/1200223"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61873"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "name": "openSUSE-SU-2014:1242",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
          },
          {
            "name": "61618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61618"
          },
          {
            "name": "60947",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60947"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6535"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "name": "61479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61479"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "HPSBMU03133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://twitter.com/taviso/statuses/514887394294652929"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "name": "RHSA-2014:1354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
          },
          {
            "name": "HPSBGN03117",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "name": "HPSBHF03145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "HPSBST03148",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "name": "61780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
          },
          {
            "name": "62228",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62228"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "61855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61855"
          },
          {
            "name": "HPSBHF03124",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "59737",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59737"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBHF03146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61711"
          },
          {
            "name": "HPSBOV03228",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "name": "RHSA-2014:1311",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "name": "DSA-3035",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3035"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "61471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61471"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "SUSE-SU-2014:1259",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61700",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61700"
          },
          {
            "name": "61626",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61626"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "name": "61857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-05T16:41:42",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "name": "HPSBHF03119",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "name": "HPSBST03131",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2014:1229",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "61188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61188"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "61676",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61676"
        },
        {
          "name": "openSUSE-SU-2014:1254",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "name": "RHSA-2014:1306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
        },
        {
          "name": "61715",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61715"
        },
        {
          "name": "USN-2363-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2363-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "openSUSE-SU-2014:1310",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "HPSBST03195",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "name": "SSRT101711",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "openSUSE-SU-2014:1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "name": "59272",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59272"
        },
        {
          "name": "HPSBST03122",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "RHSA-2014:1312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "USN-2363-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2363-1"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6495"
        },
        {
          "name": "VU#252743",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/252743"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "TA14-268A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "name": "SUSE-SU-2014:1247",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/node/1200223"
        },
        {
          "name": "SUSE-SU-2014:1287",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "name": "APPLE-SA-2014-10-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "name": "61619",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61619"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60325"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "name": "34879",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/34879/"
        },
        {
          "name": "61622",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61622"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/articles/1200223"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61873"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "name": "openSUSE-SU-2014:1242",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
        },
        {
          "name": "61618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61618"
        },
        {
          "name": "60947",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60947"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6535"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "name": "61479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61479"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "HPSBMU03133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://twitter.com/taviso/statuses/514887394294652929"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "name": "RHSA-2014:1354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
        },
        {
          "name": "HPSBGN03117",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "name": "HPSBHF03145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "HPSBST03148",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "name": "61780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
        },
        {
          "name": "62228",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62228"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "61855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61855"
        },
        {
          "name": "HPSBHF03124",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "59737",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59737"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBHF03146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61711"
        },
        {
          "name": "HPSBOV03228",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "name": "RHSA-2014:1311",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "name": "DSA-3035",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3035"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "61471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61471"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "SUSE-SU-2014:1259",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61700",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61700"
        },
        {
          "name": "61626",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61626"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "name": "61857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-7169",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "HPSBHF03119",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "HPSBST03131",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:1229",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "61188",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61188"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "61676",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61676"
            },
            {
              "name": "openSUSE-SU-2014:1254",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "RHSA-2014:1306",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
            },
            {
              "name": "61715",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61715"
            },
            {
              "name": "USN-2363-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2363-2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "openSUSE-SU-2014:1310",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "HPSBST03195",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "SSRT101711",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "openSUSE-SU-2014:1308",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015701",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "59272",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59272"
            },
            {
              "name": "HPSBST03122",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "RHSA-2014:1312",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "USN-2363-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2363-1"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "http://support.apple.com/kb/HT6495",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6495"
            },
            {
              "name": "VU#252743",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/252743"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3075.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-7169.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "TA14-268A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "SUSE-SU-2014:1247",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "https://access.redhat.com/node/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/node/1200223"
            },
            {
              "name": "SUSE-SU-2014:1287",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "APPLE-SA-2014-10-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "61619",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61619"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3078.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60325",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60325"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "34879",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/34879/"
            },
            {
              "name": "61622",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61622"
            },
            {
              "name": "https://access.redhat.com/articles/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/articles/1200223"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0393.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61873"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "openSUSE-SU-2014:1242",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
            },
            {
              "name": "61618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61618"
            },
            {
              "name": "60947",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60947"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "https://support.apple.com/kb/HT6535",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6535"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "61479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61479"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "HPSBMU03133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://twitter.com/taviso/statuses/514887394294652929",
              "refsource": "MISC",
              "url": "http://twitter.com/taviso/statuses/514887394294652929"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "RHSA-2014:1354",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
            },
            {
              "name": "HPSBGN03117",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "HPSBHF03145",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "HPSBST03148",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "61780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61780"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3077.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
            },
            {
              "name": "62228",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62228"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "61855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61855"
            },
            {
              "name": "HPSBHF03124",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "59737",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59737"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBHF03146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61711",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61711"
            },
            {
              "name": "HPSBOV03228",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "RHSA-2014:1311",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "DSA-3035",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3035"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "61471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61471"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1306.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "SUSE-SU-2014:1259",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61700",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61700"
            },
            {
              "name": "61626",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61626"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "61857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-7169",
    "datePublished": "2014-09-25T01:00:00",
    "dateReserved": "2014-09-24T00:00:00",
    "dateUpdated": "2024-08-06T12:40:19.217Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-4027

Vulnerability from cvelistv5

Published

2014-06-23 10:00

Modified

2024-08-06 11:04

Severity ?

Summary

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/59134	third-party-advisory, x_refsource_SECUNIA
	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1108744	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2335-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2334-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/60564	third-party-advisory, x_refsource_SECUNIA
	https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc	x_refsource_CONFIRM
	http://secunia.com/advisories/59777	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61310	third-party-advisory, x_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2014/06/11/1	mailing-list, x_refsource_MLIST
	http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618	mailing-list, x_refsource_MLIST

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:04:27.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2014:1316",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
          },
          {
            "name": "59134",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59134"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
          },
          {
            "name": "USN-2335-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2335-1"
          },
          {
            "name": "USN-2334-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2334-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
          },
          {
            "name": "SUSE-SU-2014:1319",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
          },
          {
            "name": "60564",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60564"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
          },
          {
            "name": "59777",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59777"
          },
          {
            "name": "61310",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61310"
          },
          {
            "name": "[oss-security] 20140611 Re: CVE request: Linux kernel / target information leak",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
          },
          {
            "name": "[target-devel] 20140616 [PATCH] target: Explicitly clear ramdisk_mcp backend pages",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-06-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-05T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2014:1316",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
        },
        {
          "name": "59134",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59134"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
        },
        {
          "name": "USN-2335-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2335-1"
        },
        {
          "name": "USN-2334-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2334-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
        },
        {
          "name": "SUSE-SU-2014:1319",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
        },
        {
          "name": "60564",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60564"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
        },
        {
          "name": "59777",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59777"
        },
        {
          "name": "61310",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61310"
        },
        {
          "name": "[oss-security] 20140611 Re: CVE request: Linux kernel / target information leak",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
        },
        {
          "name": "[target-devel] 20140616 [PATCH] target: Explicitly clear ramdisk_mcp backend pages",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-4027",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2014:1316",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
            },
            {
              "name": "59134",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59134"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
            },
            {
              "name": "USN-2335-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2335-1"
            },
            {
              "name": "USN-2334-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2334-1"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
            },
            {
              "name": "SUSE-SU-2014:1319",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
            },
            {
              "name": "60564",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60564"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
            },
            {
              "name": "59777",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59777"
            },
            {
              "name": "61310",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61310"
            },
            {
              "name": "[oss-security] 20140611 Re: CVE request: Linux kernel / target information leak",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
            },
            {
              "name": "[target-devel] 20140616 [PATCH] target: Explicitly clear ramdisk_mcp backend pages",
              "refsource": "MLIST",
              "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-4027",
    "datePublished": "2014-06-23T10:00:00",
    "dateReserved": "2014-06-11T00:00:00",
    "dateUpdated": "2024-08-06T11:04:27.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-4023

Vulnerability from cvelistv5

Published

2014-10-28 14:00

Modified

2024-08-06 11:04

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

▼	URL	Tags
	https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt	x_refsource_MISC
	https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1030776	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:04:27.745Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
          },
          {
            "name": "1030776",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030776"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-08-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-05-12T14:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
        },
        {
          "name": "1030776",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030776"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-4023",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt",
              "refsource": "MISC",
              "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
            },
            {
              "name": "1030776",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030776"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-4023",
    "datePublished": "2014-10-28T14:00:00",
    "dateReserved": "2014-06-11T00:00:00",
    "dateUpdated": "2024-08-06T11:04:27.745Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-6016

Vulnerability from cvelistv5

Published

2013-10-26 17:00

Modified

2024-08-06 17:29

Severity ?

Summary

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors.

References

▼	URL	Tags
	http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html	x_refsource_CONFIRM
	http://secunia.com/advisories/55378	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id/1029220	vdb-entry, x_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilities/88166	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:29:42.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
          },
          {
            "name": "55378",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55378"
          },
          {
            "name": "1029220",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029220"
          },
          {
            "name": "f5-cve20136016-dos(88166)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
        },
        {
          "name": "55378",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55378"
        },
        {
          "name": "1029220",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029220"
        },
        {
          "name": "f5-cve20136016-dos(88166)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-6016",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
            },
            {
              "name": "55378",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55378"
            },
            {
              "name": "1029220",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029220"
            },
            {
              "name": "f5-cve20136016-dos(88166)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-6016",
    "datePublished": "2013-10-26T17:00:00",
    "dateReserved": "2013-10-04T00:00:00",
    "dateUpdated": "2024-08-06T17:29:42.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-0101

Vulnerability from cvelistv5

Published

2014-03-11 01:00

Modified

2024-08-06 09:05

Severity ?

Summary

The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/65943	vdb-entry, x_refsource_BID
	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0328.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-2173-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2014-0432.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-2174-1	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2014-0419.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/59216	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=1070705	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2014/03/04/6	mailing-list, x_refsource_MLIST

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:38.283Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "65943",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/65943"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
          },
          {
            "name": "RHSA-2014:0328",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
          },
          {
            "name": "USN-2173-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2173-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
          },
          {
            "name": "RHSA-2014:0432",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
          },
          {
            "name": "USN-2174-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2174-1"
          },
          {
            "name": "RHSA-2014:0419",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
          },
          {
            "name": "59216",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59216"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
          },
          {
            "name": "[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-03-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-15T17:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "65943",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/65943"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
        },
        {
          "name": "RHSA-2014:0328",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
        },
        {
          "name": "USN-2173-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2173-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
        },
        {
          "name": "RHSA-2014:0432",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
        },
        {
          "name": "USN-2174-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2174-1"
        },
        {
          "name": "RHSA-2014:0419",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
        },
        {
          "name": "59216",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59216"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
        },
        {
          "name": "[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0101",
    "datePublished": "2014-03-11T01:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:38.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2020-02-21 18:15

Modified

2024-11-21 01:53

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929.

References

URL	Tags
cret@cert.org	http://breachattack.com/	Third Party Advisory
cret@cert.org	http://github.com/meldium/breach-mitigation-rails	Third Party Advisory
cret@cert.org	http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407	Exploit, Third Party Advisory
cret@cert.org	http://slashdot.org/story/13/08/05/233216	Third Party Advisory
cret@cert.org	http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf	Third Party Advisory
cret@cert.org	http://www.kb.cert.org/vuls/id/987798	Third Party Advisory, US Government Resource
cret@cert.org	https://bugzilla.redhat.com/show_bug.cgi?id=995168	Issue Tracking, Third Party Advisory
cret@cert.org	https://hackerone.com/reports/254895	Exploit, Third Party Advisory
cret@cert.org	https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E
cret@cert.org	https://support.f5.com/csp/article/K14634	Third Party Advisory
cret@cert.org	https://www.blackhat.com/us-13/briefings.html#Prado	Third Party Advisory
cret@cert.org	https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://breachattack.com/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://github.com/meldium/breach-mitigation-rails	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://slashdot.org/story/13/08/05/233216	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/987798	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=995168	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://hackerone.com/reports/254895	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K14634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.blackhat.com/us-13/briefings.html#Prado	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/	Third Party Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	13.0.0
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	13.0.0
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	13.0.0
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	13.0.0
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	13.0.0
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	13.0.0
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	13.0.0
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	13.0.0
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	firepass	*
f5	firepass	7.0.0
f5	arx	*
f5	arx	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57AB5137-9797-4BA3-8725-40494DA8FFB2",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ACC0695-E62E-4748-AA8A-46772EB8C83C",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF89E7C-806E-4800-BAA9-0225433B6C56",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59217FC1-AFB3-479F-A369-9C7FB3DD29F0",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93212B86-21EA-4340-9149-E58F65285C15",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4E5F36-434B-48E1-9715-4EEC22FB23D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FCA781F-8728-4ECB-85D1-1E0AE4EEFC2B",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25944BCA-3EEB-4396-AC8F-EF58834BC47E",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "34D75E7F-B65F-421D-92EE-6B20756019C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FB5FD7-4B96-438C-AAD3-D2E128DAA8BF",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E45CF5-C9E4-4AB9-A6D5-66F8336DDB79",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6034A531-6A0E-4086-A76F-91C3F62C7994",
              "versionEndIncluding": "9.4.8",
              "versionStartIncluding": "9.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDD9D77-12B6-40F4-B819-2515D357A91A",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB146EF-CCAB-4194-9735-F8909E283308",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569977A-E567-4115-B00C-4B0CBA86582E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27C5743-4F94-4A1C-AD8C-25D29B65BF95",
              "versionEndIncluding": "9.4.8",
              "versionStartIncluding": "9.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D413BDC-8B60-494A-A218-75EAF09D1495",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4A5CD9B-D257-4EC9-8C57-D9552C2FFFFC",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F293F06-4601-4074-A695-2C229CF8D126",
              "versionEndIncluding": "9.6.1",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "439927F5-ECDA-4DD8-BA75-97E55C9E584F",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F5FF67-5D17-4760-AFDC-4234EC1E6306",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA7D64DC-7271-4617-BD46-99C8246779CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "632BD15C-04E6-4FD9-9410-6DE9E48F926A",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDE77CCE-7F97-48EA-A9D3-090B1481616F",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42821916-E601-4831-B37B-3202ACF2C562",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5522F58E-C4EA-40B4-8F44-3E95315D37EA",
              "versionEndIncluding": "9.4.8",
              "versionStartIncluding": "9.4.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F383EBC-4739-4514-9EC0-BE17AC453735",
              "versionEndIncluding": "9.4.8",
              "versionStartIncluding": "9.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CE213B-F42C-4C2E-AFBD-852AB049FF8A",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "794651B6-E22C-4A6F-9B1F-AA94BEDD44FF",
              "versionEndIncluding": "5.3.1",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F20E6644-F925-4283-AD92-7B0696F52310",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a \"BREACH\" attack, a different issue than CVE-2012-4929."
    },
    {
      "lang": "es",
      "value": "El protocolo HTTPS, como es usado en aplicaciones web no especificadas, puede cifrar datos comprimidos sin ofuscar apropiadamente la longitud de los datos no cifrados, facilitando a atacantes de tipo \"man-in-the-middle\" obtener valores secretos en texto plano al observar las diferencias de longitud durante una serie de adivinaciones en las que una cadena en una URL de peticiones HTTP coincide potencialmente con una cadena desconocida en un cuerpo de respuesta HTTP, tambi\u00e9n se conoce como ataque \"BREACH\", un problema diferente de CVE-2012-4929."
    }
  ],
  "id": "CVE-2013-3587",
  "lastModified": "2024-11-21T01:53:56.283",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-21T18:15:11.427",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://breachattack.com/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://github.com/meldium/breach-mitigation-rails"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://slashdot.org/story/13/08/05/233216"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/987798"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/254895"
    },
    {
      "source": "cret@cert.org",
      "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K14634"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://breachattack.com/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://github.com/meldium/breach-mitigation-rails"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://slashdot.org/story/13/08/05/233216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/987798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/254895"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K14634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-06-08 16:29

Modified

2024-11-21 02:13

Severity ?

4.9 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors.

References

▼	URL	Tags
	cve@mitre.org	https://support.f5.com/csp/article/K16196	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K16196	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_local_traffic_manager	10.0.0
f5	big-ip_local_traffic_manager	10.0.1
f5	big-ip_local_traffic_manager	10.1.0
f5	big-ip_local_traffic_manager	10.2.0
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	10.2.3
f5	big-ip_local_traffic_manager	10.2.4
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.6.0
f5	big-ip_access_policy_manager	10.1.0
f5	big-ip_access_policy_manager	10.2.0
f5	big-ip_access_policy_manager	10.2.1
f5	big-ip_access_policy_manager	10.2.2
f5	big-ip_access_policy_manager	10.2.3
f5	big-ip_access_policy_manager	10.2.4
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_application_security_manager	10.0.0
f5	big-ip_application_security_manager	10.1.0
f5	big-ip_application_security_manager	10.2.0
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	10.2.3
f5	big-ip_application_security_manager	10.2.4
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_edge_gateway	10.1.0
f5	big-ip_edge_gateway	10.2.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	10.2.3
f5	big-ip_edge_gateway	10.2.4
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_global_traffic_manager	10.0.0
f5	big-ip_global_traffic_manager	10.1.0
f5	big-ip_global_traffic_manager	10.2.0
f5	big-ip_global_traffic_manager	10.2.1
f5	big-ip_global_traffic_manager	10.2.2
f5	big-ip_global_traffic_manager	10.2.3
f5	big-ip_global_traffic_manager	10.2.4
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_link_controller	10.0.0
f5	big-ip_link_controller	10.1.0
f5	big-ip_link_controller	10.2.0
f5	big-ip_link_controller	10.2.1
f5	big-ip_link_controller	10.2.2
f5	big-ip_link_controller	10.2.3
f5	big-ip_link_controller	10.2.4
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.6.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_protocol_security_module	10.0.0
f5	big-ip_protocol_security_module	10.1.0
f5	big-ip_protocol_security_module	10.2.0
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_webaccelerator	10.0.0
f5	big-ip_webaccelerator	10.1.0
f5	big-ip_webaccelerator	10.2.0
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_wan_optimization_manager	10.0.0
f5	big-ip_wan_optimization_manager	10.1.0
f5	big-ip_wan_optimization_manager	10.2.0
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	10.2.3
f5	big-ip_wan_optimization_manager	10.2.4
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_enterprise_manager	2.1.0
f5	big-ip_enterprise_manager	2.2.0
f5	big-ip_enterprise_manager	2.3.0
f5	big-ip_enterprise_manager	3.0.0
f5	big-ip_enterprise_manager	3.1.0
f5	big-ip_enterprise_manager	3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C4CA12D-F3E5-4C9B-B5C6-E9DCCA03555F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D791F6-4B3E-4C2B-8600-60559DA2A09E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF91EBEE-7443-4FA0-83C5-7314BE1AC9C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en el demonio mcpq en sistemas F5 BIG-IP, versiones 10.x anteriores a la 10.2.4 HF12, 11.x anteriores a la 11.2.1 HF15, 11.3.x, 11.4.x anteriores a la 11.4.1 HF9, 11.5.x anteriores a la 11.5.2 HF1 y 11.6.0 anteriores a la HF4 y Enterprise Manager, versiones de la 2.1.0 a la 2.3.0 y 3.x anteriores a la 3.1.1 HF5, que permitir\u00eda a administradores autenticados causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2014-6031",
  "lastModified": "2024-11-21T02:13:37.793",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-08T16:29:00.217",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K16196"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K16196"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-12-10 00:59

Modified

2024-11-21 02:19

Severity ?

Summary

The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=144372772101168&w=2
cve@mitre.org	http://secunia.com/advisories/62167
cve@mitre.org	http://secunia.com/advisories/62224
cve@mitre.org	http://secunia.com/advisories/62388
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21693271
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21693337
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21693495
cve@mitre.org	http://www.openwall.com/lists/oss-security/2014/12/09/27
cve@mitre.org	https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151	Vendor Advisory
cve@mitre.org	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html	Vendor Advisory
cve@mitre.org	https://support.lenovo.com/product_security/poodle
cve@mitre.org	https://support.lenovo.com/us/en/product_security/poodle
cve@mitre.org	https://www.imperialviolet.org/2014/12/08/poodleagain.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=144372772101168&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62167
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62224
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62388
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21693271
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21693337
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21693495
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/12/09/27
af854a3a-2127-422b-91ae-364da2661108	https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.lenovo.com/product_security/poodle
af854a3a-2127-422b-91ae-364da2661108	https://support.lenovo.com/us/en/product_security/poodle
af854a3a-2127-422b-91ae-364da2661108	https://www.imperialviolet.org/2014/12/08/poodleagain.html

Impacted products

Vendor	Product	Version
f5	big-ip_local_traffic_manager	10.0.0
f5	big-ip_local_traffic_manager	10.0.1
f5	big-ip_local_traffic_manager	10.1.0
f5	big-ip_local_traffic_manager	10.2.0
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	10.2.3
f5	big-ip_local_traffic_manager	10.2.4
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_access_policy_manager	10.1.0
f5	big-ip_access_policy_manager	10.2.0
f5	big-ip_access_policy_manager	10.2.1
f5	big-ip_access_policy_manager	10.2.2
f5	big-ip_access_policy_manager	10.2.3
f5	big-ip_access_policy_manager	10.2.4
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_protocol_security_module	10.0.0
f5	big-ip_protocol_security_module	10.0.1
f5	big-ip_protocol_security_module	10.1.0
f5	big-ip_protocol_security_module	10.2.0
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_webaccelerator	10.0.0
f5	big-ip_webaccelerator	10.0.1
f5	big-ip_webaccelerator	10.1.0
f5	big-ip_webaccelerator	10.2.0
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-iq_security	4.0.0
f5	big-iq_security	4.1.0
f5	big-iq_security	4.2.0
f5	big-iq_security	4.3.0
f5	big-iq_security	4.4.0
f5	big-ip_edge_gateway	10.1.0
f5	big-ip_edge_gateway	10.2.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	10.2.3
f5	big-ip_edge_gateway	10.2.4
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-iq_device	4.2.0
f5	big-iq_device	4.3.0
f5	big-iq_device	4.4.0
f5	big-ip_application_security_manager	10.0.0
f5	big-ip_application_security_manager	10.0.1
f5	big-ip_application_security_manager	10.1.0
f5	big-ip_application_security_manager	10.2.0
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	10.2.3
f5	big-ip_application_security_manager	10.2.4
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-iq_cloud	4.0.0
f5	big-iq_cloud	4.1.0
f5	big-iq_cloud	4.2.0
f5	big-iq_cloud	4.3.0
f5	big-iq_cloud	4.4.0
f5	big-ip_wan_optimization_manager	10.0.0
f5	big-ip_wan_optimization_manager	10.0.1
f5	big-ip_wan_optimization_manager	10.1.0
f5	big-ip_wan_optimization_manager	10.2.0
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	10.2.3
f5	big-ip_wan_optimization_manager	10.2.4
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B10D9D9-BC40-4889-9196-C8EA7C571160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E3427DB-2918-4934-A3C1-FA5F1632364F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC2A0DC-D931-4450-8D0F-3223A8EDCED9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89F4A12-710E-4F7A-9A8D-D8B91889A279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).  NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself."
    },
    {
      "lang": "es",
      "value": "El componente SSL profiles en F5 BIG-IP LTM, APM, y ASM 10.0.0 hasta 10.2.4 y 11.0.0 hasta 11.5.1, AAM 11.4.0 hasta 11.5.1, AFM 11.3.0 hasta 11.5.1, Analytics 11.0.0 hasta 11.5.1, Edge Gateway, WebAccelerator, y WOM 10.1.0 hasta 10.2.4 y 11.0.0 hasta 11.3.0, PEM 11.3.0 hasta 11.6.0, y PSM 10.0.0 hasta 10.2.4 y 11.0.0 hasta 11.4.1 y BIG-IQ Cloud and Security 4.0.0 hasta 4.4.0 y Device 4.2.0 hasta 4.4.0, cuando utiliza TLS 1.x anterior a TLS 1.2, no comprueba correctamente los bytes de relleno CBC cuando termina conexiones, lo que facilita a atacantes man-in-the-middle obtener datos en texto plano a trav\u00e9s de un ataque del oracle de relleno, una variante de CVE-2014-3566 (tambi\u00e9n conocido como POODLE). NOTA: el alcance de este identificador est\u00e1 limitado a la implementaci\u00f3n F5 exclusivamente. Otras implementaciones vulnerables deben recibir su propio ID de CVE, debido a que esta vulnerabilidad no existe dentro del dise\u00f1o de TLS 1.x mismo."
    }
  ],
  "id": "CVE-2014-8730",
  "lastModified": "2024-11-21T02:19:39.347",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-12-10T00:59:01.293",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62167"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62224"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62388"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.lenovo.com/product_security/poodle"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.lenovo.com/us/en/product_security/poodle"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62388"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.lenovo.com/product_security/poodle"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.lenovo.com/us/en/product_security/poodle"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-01-12 20:59

Modified

2024-11-21 02:36

Severity ?

7.4 (High) - CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://securitytracker.com/id/1034632
cve@mitre.org	http://www.securitytracker.com/id/1034633
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id/1034632
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034633
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-iq_application_delivery_controller	4.5.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	12.0.0
f5	big-iq_security	4.0.0
f5	big-iq_security	4.1.0
f5	big-iq_security	4.2.0
f5	big-iq_security	4.3.0
f5	big-iq_security	4.4.0
f5	big-iq_security	4.5.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_global_traffic_manager11.2.0	*
f5	big-iq_centralized_management	4.6.0
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	12.0.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_domain_name_system	12.0.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-iq_cloud	4.0.0
f5	big-iq_cloud	4.1.0
f5	big-iq_cloud	4.2.0
f5	big-iq_cloud	4.3.0
f5	big-iq_cloud	4.4.0
f5	big-iq_cloud	4.5.0
f5	big-iq_cloud_and_orchestration	1.0.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-iq_device	4.2.0
f5	big-iq_device	4.3.0
f5	big-iq_device	4.4.0
f5	big-iq_device	4.5.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	12.0.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager11.2.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D10DFA-DA4D-4A57-AE06-57D9886A6F67",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "dcoep en BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.0 hasta la versi\u00f3n 11.6.0 y 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP AAM 11.4.0 hasta la versi\u00f3n 11.6.0 y 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP AFM y PEM 11.3.0 hasta la versi\u00f3n 11.6.0 y 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP DNS 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.0 hasta la versi\u00f3n 11.3.0, BIG-IP GTM 11.2.0 hasta la versi\u00f3n 11.6.0, BIG-IP PSM 11.2.0 hasta la versi\u00f3n 11.4.1, Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1, BIG-IQ Cloud 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Security 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0 y BIG-IQ Cloud y Orchestration 1.0.0 permite a usuarios locales con acceso shell (bash) avanzado obtener privilegios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-7393",
  "lastModified": "2024-11-21T02:36:42.707",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.4,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-01-12T20:59:00.120",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id/1034632"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034633"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id/1034632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2012-10-17 00:55

Modified

2024-11-21 01:40

Severity ?

Summary

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.

References

URL	Tags
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2012-1462.html	Third Party Advisory
secalert_us@oracle.com	http://secunia.com/advisories/51177	Not Applicable
secalert_us@oracle.com	http://secunia.com/advisories/51309	Not Applicable
secalert_us@oracle.com	http://secunia.com/advisories/53372	Not Applicable
secalert_us@oracle.com	http://secunia.com/advisories/56509	Not Applicable
secalert_us@oracle.com	http://secunia.com/advisories/56513	Not Applicable
secalert_us@oracle.com	http://security.gentoo.org/glsa/glsa-201308-06.xml	Third Party Advisory
secalert_us@oracle.com	http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html	Third Party Advisory
secalert_us@oracle.com	http://www.debian.org/security/2012/dsa-2581	Third Party Advisory
secalert_us@oracle.com	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Third Party Advisory
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	Patch, Third Party Advisory
secalert_us@oracle.com	http://www.ubuntu.com/usn/USN-1621-1	Third Party Advisory
secalert_us@oracle.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/79381	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1462.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51177	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51309	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/53372	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/56509	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/56513	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201308-06.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2581	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1621-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/79381	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
oracle	mysql	*
oracle	mysql	*
mariadb	mariadb	*
mariadb	mariadb	*
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	11.10
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	12.10
debian	debian_linux	6.0
debian	debian_linux	7.0
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_eus	6.3
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_workstation	6.0
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_analytics	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_enterprise_manager	*
f5	big-ip_enterprise_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4BD2E2-983F-4926-96FE-E8FE886CD963",
              "versionEndIncluding": "5.1.64",
              "versionStartIncluding": "5.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55230A9A-73B6-4D31-9928-AA151F782D48",
              "versionEndIncluding": "5.5.26",
              "versionStartIncluding": "5.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC9DD53-AC79-4568-8AEE-677FD075470E",
              "versionEndExcluding": "5.1.66",
              "versionStartIncluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C968B2-7A65-4BE6-881D-F6248189EA32",
              "versionEndExcluding": "5.5.27",
              "versionStartIncluding": "5.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "384E40E2-6A1E-41EE-9075-C3D4E4C9DF3D",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3E5454-D0E6-4BF9-B95F-A43ECE1A4C66",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD998E02-0896-4970-8BF7-2D2A3EF3FD7B",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C66CD9-BCF0-44C0-AD9B-85D95FC6FF1E",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23AEA33F-71CC-473F-86A4-C120532928DE",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC253328-767A-4DC9-85FB-E8E5666B916B",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64C91648-A64F-4D8A-9F60-DEE6CA181A87",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E675191C-CA97-4F56-949A-DF2180C2C9F0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A97C7ACA-7D67-49C1-BA1E-256CD9E337D8",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.64 y anteriores, y v5.5.26 y anteriores, permite a usuarios remotos autenticados a afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Information Schema."
    }
  ],
  "id": "CVE-2012-3163",
  "lastModified": "2024-11-21T01:40:20.007",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-10-17T00:55:01.227",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/51177"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/51309"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/53372"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/56509"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/56513"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2012/dsa-2581"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1621-1"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/51177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/51309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/53372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/56509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/56513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2012/dsa-2581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1621-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-05-13 16:59

Modified

2024-11-21 02:38

Severity ?

5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1035873
cve@mitre.org	http://www.securitytracker.com/id/1035874
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035873
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035874
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	12.0.0
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	12.0.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	12.0.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-iq_device	4.2.0
f5	big-iq_security	4.0.0
f5	big-iq_security	4.1.0
f5	big-iq_security	4.2.0
f5	big-iq_security	4.3.0
f5	big-iq_security	4.4.0
f5	big-iq_security	4.5.0
f5	big-iq_application_delivery_controller	4.5.0
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	10.2.0
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	12.0.0
f5	big-iq_cloud_and_orchestration	1.0.0
f5	big-iq_cloud	4.0.0
f5	big-iq_cloud	4.1.0
f5	big-iq_cloud	4.2.0
f5	big-iq_cloud	4.3.0
f5	big-iq_cloud	4.4.0
f5	big-iq_cloud	4.5.0
f5	big-iq_centralized_management	4.6.0
f5	big-iq_device	4.2.0
f5	big-iq_device	4.3.0
f5	big-iq_device	4.4.0
f5	big-iq_device	4.5.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_domain_name_system	12.0.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_enterprise_manager	3.0.0
f5	big-ip_enterprise_manager	3.1.0
f5	big-ip_enterprise_manager	3.1.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_webaccelerator	11.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment."
    },
    {
      "lang": "es",
      "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller y PEM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF1; BIG-IP AAM 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF1; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator y WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP PSM 11.3.x y 11.4.x en versiones anteriores a 11.4.1 HF10; Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 hasta la versi\u00f3n 4.5.0; BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; y BIG-IQ Cloud and Orchestration 1.0.0 en las plataformas 3900, 6900, 8900, 8950, 11000, 11050, PB100 y PB200, cuando las cookies del sofware SYN est\u00e1n configuradas en servidores virtuales, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue de High-Speed Bridge) a trav\u00e9s de un segmento TCP no v\u00e1lido."
    }
  ],
  "id": "CVE-2015-8099",
  "lastModified": "2024-11-21T02:38:00.867",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-05-13T16:59:05.873",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1035873"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1035874"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035874"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-09-24 18:48

Modified

2025-01-06 19:36

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

References

URL	Tags
security@debian.org	http://advisories.mageia.org/MGASA-2014-0388.html	Third Party Advisory
security@debian.org	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	Broken Link, Third Party Advisory
security@debian.org	http://jvn.jp/en/jp/JVN55667175/index.html	Vendor Advisory
security@debian.org	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	Third Party Advisory, VDB Entry, Vendor Advisory
security@debian.org	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673	Third Party Advisory
security@debian.org	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	Exploit, Issue Tracking, Third Party Advisory
security@debian.org	http://linux.oracle.com/errata/ELSA-2014-1293.html	Third Party Advisory
security@debian.org	http://linux.oracle.com/errata/ELSA-2014-1294.html	Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html	Mailing List, Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html	Mailing List, Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html	Mailing List, Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html	Mailing List, Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html	Mailing List, Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	Mailing List, Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html	Mailing List, Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	Mailing List, Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	Mailing List, Third Party Advisory
security@debian.org	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141216207813411&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141216668515282&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141235957116749&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141319209015420&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141330425327438&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141330468527613&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141345648114150&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141383026420882&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141383081521087&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141383138121313&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141383196021590&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141383244821813&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141383304022067&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141383353622268&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141383465822787&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141450491804793&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141576728022234&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141577137423233&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141577241923505&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141577297623641&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141585637922673&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141694386919794&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141879528318582&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=141879528318582&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142113462216480&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142113462216480&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142358026505815&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142358026505815&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142358078406056&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142546741516006&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142719845423222&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142719845423222&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142721162228379&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142721162228379&w=2	Mailing List, Third Party Advisory
security@debian.org	http://marc.info/?l=bugtraq&m=142805027510172&w=2	Mailing List, Third Party Advisory
security@debian.org	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	Exploit, Third Party Advisory, VDB Entry
security@debian.org	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	Exploit, Third Party Advisory, VDB Entry
security@debian.org	http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@debian.org	http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html	Exploit, Third Party Advisory, VDB Entry
security@debian.org	http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
security@debian.org	http://rhn.redhat.com/errata/RHSA-2014-1293.html	Third Party Advisory
security@debian.org	http://rhn.redhat.com/errata/RHSA-2014-1294.html	Third Party Advisory
security@debian.org	http://rhn.redhat.com/errata/RHSA-2014-1295.html	Third Party Advisory
security@debian.org	http://rhn.redhat.com/errata/RHSA-2014-1354.html	Third Party Advisory
security@debian.org	http://seclists.org/fulldisclosure/2014/Oct/0	Mailing List, Third Party Advisory
security@debian.org	http://secunia.com/advisories/58200	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/59272	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/59737	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/59907	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/60024	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/60034	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/60044	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/60055	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/60063	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/60193	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/60325	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/60433	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/60947	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61065	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61128	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61129	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61188	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61283	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61287	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61291	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61312	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61313	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61328	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61442	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61471	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61485	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61503	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61542	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61547	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61550	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61552	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61565	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61603	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61633	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61641	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61643	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61654	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61676	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61700	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61703	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61711	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61715	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61780	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61816	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61855	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61857	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/61873	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/62228	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/62312	Broken Link, Third Party Advisory
security@debian.org	http://secunia.com/advisories/62343	Broken Link, Third Party Advisory
security@debian.org	http://support.apple.com/kb/HT6495	Third Party Advisory
security@debian.org	http://support.novell.com/security/cve/CVE-2014-6271.html	Third Party Advisory
security@debian.org	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	Broken Link, Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	Broken Link, Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	Third Party Advisory
security@debian.org	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	Third Party Advisory
security@debian.org	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	Broken Link, Third Party Advisory
security@debian.org	http://www.debian.org/security/2014/dsa-3032	Mailing List, Third Party Advisory
security@debian.org	http://www.kb.cert.org/vuls/id/252743	Third Party Advisory, US Government Resource
security@debian.org	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	Broken Link, Third Party Advisory
security@debian.org	http://www.novell.com/support/kb/doc.php?id=7015701	Third Party Advisory
security@debian.org	http://www.novell.com/support/kb/doc.php?id=7015721	Third Party Advisory
security@debian.org	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	Third Party Advisory
security@debian.org	http://www.qnap.com/i/en/support/con_show.php?cid=61	Third Party Advisory
security@debian.org	http://www.securityfocus.com/archive/1/533593/100/0/threaded	Broken Link, Third Party Advisory, VDB Entry
security@debian.org	http://www.securityfocus.com/bid/70103	Broken Link, Third Party Advisory, VDB Entry
security@debian.org	http://www.ubuntu.com/usn/USN-2362-1	Third Party Advisory
security@debian.org	http://www.us-cert.gov/ncas/alerts/TA14-268A	Third Party Advisory, US Government Resource
security@debian.org	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	Third Party Advisory
security@debian.org	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	Broken Link, Third Party Advisory
security@debian.org	https://access.redhat.com/articles/1200223	Exploit, Third Party Advisory
security@debian.org	https://access.redhat.com/node/1200223	Exploit, Third Party Advisory
security@debian.org	https://bugzilla.redhat.com/show_bug.cgi?id=1141597	Issue Tracking, Patch
security@debian.org	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	Broken Link, Third Party Advisory
security@debian.org	https://kb.bluecoat.com/index?page=content&id=SA82	Broken Link, Third Party Advisory
security@debian.org	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	Third Party Advisory
security@debian.org	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	Broken Link, Third Party Advisory
security@debian.org	https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/	Exploit, Third Party Advisory
security@debian.org	https://support.apple.com/kb/HT6535	Third Party Advisory
security@debian.org	https://support.citrix.com/article/CTX200217	Third Party Advisory
security@debian.org	https://support.citrix.com/article/CTX200223	Permissions Required
security@debian.org	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	Third Party Advisory
security@debian.org	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	Third Party Advisory
security@debian.org	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	Broken Link, Third Party Advisory
security@debian.org	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	Third Party Advisory
security@debian.org	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	Third Party Advisory
security@debian.org	https://www.exploit-db.com/exploits/34879/	Exploit, Third Party Advisory, VDB Entry
security@debian.org	https://www.exploit-db.com/exploits/37816/	Exploit, Third Party Advisory, VDB Entry
security@debian.org	https://www.exploit-db.com/exploits/38849/	Exploit, Third Party Advisory, VDB Entry
security@debian.org	https://www.exploit-db.com/exploits/39918/	Exploit, Third Party Advisory, VDB Entry
security@debian.org	https://www.exploit-db.com/exploits/40619/	Exploit, Third Party Advisory, VDB Entry
security@debian.org	https://www.exploit-db.com/exploits/40938/	Exploit, Third Party Advisory, VDB Entry
security@debian.org	https://www.exploit-db.com/exploits/42938/	Exploit, Third Party Advisory, VDB Entry
security@debian.org	https://www.suse.com/support/shellshock/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://advisories.mageia.org/MGASA-2014-0388.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN55667175/index.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	Third Party Advisory, VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	Exploit, Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://linux.oracle.com/errata/ELSA-2014-1293.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://linux.oracle.com/errata/ELSA-2014-1294.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141216207813411&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141216668515282&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141235957116749&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141319209015420&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141330425327438&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141330468527613&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141345648114150&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383026420882&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383081521087&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383138121313&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383196021590&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383244821813&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383304022067&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383353622268&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383465822787&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141450491804793&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141576728022234&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141577137423233&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141577241923505&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141577297623641&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141585637922673&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141694386919794&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141879528318582&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141879528318582&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142113462216480&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142113462216480&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142358026505815&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142358026505815&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142358078406056&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142546741516006&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142719845423222&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142719845423222&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142721162228379&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142721162228379&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142805027510172&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1293.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1294.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1295.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1354.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2014/Oct/0	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/58200	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59272	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59737	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59907	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60024	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60034	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60044	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60055	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60063	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60193	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60325	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60433	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60947	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61065	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61128	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61129	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61188	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61283	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61287	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61291	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61312	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61313	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61328	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61442	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61471	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61485	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61503	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61542	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61547	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61550	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61552	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61565	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61603	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61633	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61641	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61643	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61654	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61676	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61700	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61703	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61711	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61715	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61780	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61816	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61855	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61857	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61873	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62228	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62312	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62343	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6495	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.novell.com/security/cve/CVE-2014-6271.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2014/dsa-3032	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/252743	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/support/kb/doc.php?id=7015701	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/support/kb/doc.php?id=7015721	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.qnap.com/i/en/support/con_show.php?cid=61	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/533593/100/0/threaded	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/70103	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2362-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/ncas/alerts/TA14-268A	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/articles/1200223	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/node/1200223	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1141597	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.bluecoat.com/index?page=content&id=SA82	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT6535	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.citrix.com/article/CTX200217	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.citrix.com/article/CTX200223	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/34879/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/37816/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/38849/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/39918/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/40619/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/40938/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/42938/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.suse.com/support/shellshock/	Third Party Advisory

Impacted products

Vendor	Product	Version
gnu	bash	*
arista	eos	*
arista	eos	*
arista	eos	*
arista	eos	*
arista	eos	*
arista	eos	*
oracle	linux	4
oracle	linux	5
oracle	linux	6
qnap	qts	*
qnap	qts	4.1.1
qnap	qts	4.1.1
mageia	mageia	3.0
mageia	mageia	4.0
redhat	gluster_storage_server_for_on-premise	2.1
redhat	virtualization	3.4
redhat	enterprise_linux	4.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux	6.0
redhat	enterprise_linux	7.0
redhat	enterprise_linux_desktop	5.0
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_eus	5.9
redhat	enterprise_linux_eus	6.4
redhat	enterprise_linux_eus	6.5
redhat	enterprise_linux_eus	7.3
redhat	enterprise_linux_eus	7.4
redhat	enterprise_linux_eus	7.5
redhat	enterprise_linux_eus	7.6
redhat	enterprise_linux_eus	7.7
redhat	enterprise_linux_for_ibm_z_systems	5.9_s390x
redhat	enterprise_linux_for_ibm_z_systems	6.4_s390x
redhat	enterprise_linux_for_ibm_z_systems	6.5_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.3_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.4_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.5_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.6_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.7_s390x
redhat	enterprise_linux_for_power_big_endian	5.0_ppc
redhat	enterprise_linux_for_power_big_endian	5.9_ppc
redhat	enterprise_linux_for_power_big_endian	6.0_ppc64
redhat	enterprise_linux_for_power_big_endian	6.4_ppc64
redhat	enterprise_linux_for_power_big_endian	7.0_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	6.5_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.3_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.4_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.5_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.6_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.7_ppc64
redhat	enterprise_linux_for_scientific_computing	6.0
redhat	enterprise_linux_for_scientific_computing	7.0
redhat	enterprise_linux_server	5.0
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_server_aus	5.6
redhat	enterprise_linux_server_aus	5.9
redhat	enterprise_linux_server_aus	6.2
redhat	enterprise_linux_server_aus	6.4
redhat	enterprise_linux_server_aus	6.5
redhat	enterprise_linux_server_aus	7.3
redhat	enterprise_linux_server_aus	7.4
redhat	enterprise_linux_server_aus	7.6
redhat	enterprise_linux_server_aus	7.7
redhat	enterprise_linux_server_from_rhui	5.0
redhat	enterprise_linux_server_from_rhui	6.0
redhat	enterprise_linux_server_from_rhui	7.0
redhat	enterprise_linux_server_tus	6.5
redhat	enterprise_linux_server_tus	7.3
redhat	enterprise_linux_server_tus	7.6
redhat	enterprise_linux_server_tus	7.7
redhat	enterprise_linux_workstation	5.0
redhat	enterprise_linux_workstation	6.0
redhat	enterprise_linux_workstation	7.0
suse	studio_onsite	1.3
opensuse	opensuse	12.3
opensuse	opensuse	13.1
opensuse	opensuse	13.2
suse	linux_enterprise_desktop	11
suse	linux_enterprise_desktop	12
suse	linux_enterprise_server	10
suse	linux_enterprise_server	10
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	12
suse	linux_enterprise_software_development_kit	11
suse	linux_enterprise_software_development_kit	12
debian	debian_linux	7.0
ibm	infosphere_guardium_database_activity_monitoring	8.2
ibm	infosphere_guardium_database_activity_monitoring	9.0
ibm	infosphere_guardium_database_activity_monitoring	9.1
ibm	pureapplication_system	*
ibm	pureapplication_system	*
ibm	pureapplication_system	2.0.0.0
ibm	qradar_risk_manager	7.1.0
ibm	qradar_security_information_and_event_manager	7.1.0
ibm	qradar_security_information_and_event_manager	7.1.0
ibm	qradar_security_information_and_event_manager	7.1.0
ibm	qradar_security_information_and_event_manager	7.1.1
ibm	qradar_security_information_and_event_manager	7.1.1
ibm	qradar_security_information_and_event_manager	7.1.1
ibm	qradar_security_information_and_event_manager	7.1.1
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.2
ibm	qradar_security_information_and_event_manager	7.2.0
ibm	qradar_security_information_and_event_manager	7.2.0
ibm	qradar_security_information_and_event_manager	7.2.0
ibm	qradar_security_information_and_event_manager	7.2.0
ibm	qradar_security_information_and_event_manager	7.2.1
ibm	qradar_security_information_and_event_manager	7.2.1
ibm	qradar_security_information_and_event_manager	7.2.1
ibm	qradar_security_information_and_event_manager	7.2.1
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8.15
ibm	qradar_security_information_and_event_manager	7.2.9
ibm	qradar_vulnerability_manager	7.2.0
ibm	qradar_vulnerability_manager	7.2.1
ibm	qradar_vulnerability_manager	7.2.2
ibm	qradar_vulnerability_manager	7.2.3
ibm	qradar_vulnerability_manager	7.2.4
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	smartcloud_entry_appliance	2.3.0
ibm	smartcloud_entry_appliance	2.4.0
ibm	smartcloud_entry_appliance	3.1.0
ibm	smartcloud_entry_appliance	3.2.0
ibm	smartcloud_provisioning	2.1.0
ibm	software_defined_network_for_virtual_environments	*
ibm	software_defined_network_for_virtual_environments	*
ibm	software_defined_network_for_virtual_environments	*
ibm	starter_kit_for_cloud	2.2.0
ibm	workload_deployer	*
ibm	security_access_manager_for_mobile_8.0_firmware	8.0.0.1
ibm	security_access_manager_for_mobile_8.0_firmware	8.0.0.2
ibm	security_access_manager_for_mobile_8.0_firmware	8.0.0.3
ibm	security_access_manager_for_mobile_8.0_firmware	8.0.0.5
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.1
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.2
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.3
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.4
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.5
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.6
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.7
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.8
ibm	security_access_manager_for_web_8.0_firmware	8.0.0.2
ibm	security_access_manager_for_web_8.0_firmware	8.0.0.3
ibm	security_access_manager_for_web_8.0_firmware	8.0.0.5
ibm	storwize_v7000_firmware	*
ibm	storwize_v7000_firmware	*
ibm	storwize_v7000_firmware	*
ibm	storwize_v7000_firmware	*
ibm	storwize_v7000	-
ibm	storwize_v5000_firmware	*
ibm	storwize_v5000_firmware	*
ibm	storwize_v5000_firmware	*
ibm	storwize_v5000	-
ibm	storwize_v3700_firmware	*
ibm	storwize_v3700_firmware	*
ibm	storwize_v3700_firmware	*
ibm	storwize_v3700	-
ibm	storwize_v3500_firmware	*
ibm	storwize_v3500_firmware	*
ibm	storwize_v3500_firmware	*
ibm	storwize_v3500	-
ibm	flex_system_v7000_firmware	*
ibm	flex_system_v7000_firmware	*
ibm	flex_system_v7000_firmware	*
ibm	flex_system_v7000	-
ibm	san_volume_controller_firmware	*
ibm	san_volume_controller_firmware	*
ibm	san_volume_controller_firmware	*
ibm	san_volume_controller	-
ibm	stn6500_firmware	*
ibm	stn6500_firmware	*
ibm	stn6500_firmware	*
ibm	stn6500	-
ibm	stn6800_firmware	*
ibm	stn6800_firmware	*
ibm	stn6800_firmware	*
ibm	stn6800	-
ibm	stn7800_firmware	*
ibm	stn7800_firmware	*
ibm	stn7800_firmware	*
ibm	stn7800	-
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
novell	zenworks_configuration_management	10.3
novell	zenworks_configuration_management	11
novell	zenworks_configuration_management	11.1
novell	zenworks_configuration_management	11.2
novell	zenworks_configuration_management	11.3.0
novell	open_enterprise_server	2.0
novell	open_enterprise_server	11.0
checkpoint	security_gateway	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_analytics	*
f5	big-ip_analytics	11.6.0
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	11.6.0
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	big-iq_cloud	*
f5	big-iq_device	*
f5	big-iq_security	*
f5	enterprise_manager	*
f5	enterprise_manager	*
f5	traffix_signaling_delivery_controller	*
f5	traffix_signaling_delivery_controller	3.3.2
f5	traffix_signaling_delivery_controller	3.4.1
f5	traffix_signaling_delivery_controller	3.5.1
f5	traffix_signaling_delivery_controller	4.1.0
f5	arx_firmware	*
f5	arx	-
citrix	netscaler_sdx_firmware	*
citrix	netscaler_sdx_firmware	*
citrix	netscaler_sdx_firmware	*
citrix	netscaler_sdx	-
apple	mac_os_x	*
vmware	vcenter_server_appliance	5.0
vmware	vcenter_server_appliance	5.0
vmware	vcenter_server_appliance	5.0
vmware	vcenter_server_appliance	5.1
vmware	vcenter_server_appliance	5.1
vmware	vcenter_server_appliance	5.1
vmware	vcenter_server_appliance	5.5
vmware	vcenter_server_appliance	5.5
vmware	esx	4.0
vmware	esx	4.1

JSON

To clipboard

{
  "cisaActionDue": "2022-07-28",
  "cisaExploitAdd": "2022-01-28",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4DBE402-1B0A-4854-ABE5-891321454C25",
              "versionEndIncluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7",
              "versionEndExcluding": "4.9.12",
              "versionStartIncluding": "4.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0",
              "versionEndExcluding": "4.10.9",
              "versionStartIncluding": "4.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9056776F-03F6-4C3D-8635-37D66FD16EAA",
              "versionEndExcluding": "4.11.11",
              "versionStartIncluding": "4.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6",
              "versionEndExcluding": "4.12.9",
              "versionStartIncluding": "4.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8296875A-64FA-4592-848A-A923126BD8AF",
              "versionEndExcluding": "4.13.9",
              "versionStartIncluding": "4.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "816A16AF-1F5E-483A-AA89-3022818FAE43",
              "versionEndExcluding": "4.14.4f",
              "versionStartIncluding": "4.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8421899-5D10-4C2B-88AA-3DA909FE3E67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
              "matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
              "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649",
              "versionEndExcluding": "4.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "F407EA72-BA1A-41A2-B699-874304A638A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*",
              "matchCriteriaId": "DDA25903-B334-438B-8196-B9E5119199D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC489F35-07F1-4C3E-80B9-78F0689BC54B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CE35FC-266F-4025-A0B8-FB853C020800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6252E88C-27FF-420D-A64A-C34124CF7E6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "804DFF9F-BAA8-4239-835B-6182471A224F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE496C0-35F7-44DC-B3F0-71EA3A613C38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "71179893-49F2-433C-A7AC-687075F9CC1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "37ECC029-3D84-4DD7-B28B-E5AD5559CF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CBED2A-B6B0-420E-BC40-160930D8662E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*",
              "matchCriteriaId": "29BBF1AC-F31F-4251-8054-0D89A8E6E990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8ED0658-5F8F-48F0-A605-A2205DA27DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "C385DA76-4863-4D39-84D2-9D185D322365",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB6ADFB8-210D-4E46-82A2-1C8705928382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8821E5FE-319D-40AB-A515-D56C1893E6F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
              "matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
              "matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*",
              "matchCriteriaId": "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
              "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "94C9C346-6DEC-4C72-9F59-BB3BEC42B551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2071DABB-7102-47F2-A15F-A6C03607D01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8661E86-E075-427F-8E05-7A33811A3A76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E",
              "versionEndIncluding": "1.0.0.4",
              "versionStartIncluding": "1.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "054736AF-96E0-491D-B824-CC4A35B76E14",
              "versionEndIncluding": "1.1.0.4",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E476AEB-AD38-4033-8426-DC502497D75A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*",
              "matchCriteriaId": "20981443-6A64-4852-B2CB-3299927C6F78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*",
              "matchCriteriaId": "59761BB8-FCC7-4D15-88A8-82076CCF196F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "CF399B2E-8413-4B80-A0C0-E61E8A0A8604",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "230EBA53-66AF-432B-B4C1-08D8FC903B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*",
              "matchCriteriaId": "EF102659-B067-473E-AA37-EA90A82D1864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "81DF915D-D764-4C21-B213-0ADFD844E9DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C29A4119-A992-4713-85D6-4FDED7CD416A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*",
              "matchCriteriaId": "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*",
              "matchCriteriaId": "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*",
              "matchCriteriaId": "F03006B7-037B-491F-A09F-DEB2FF076754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*",
              "matchCriteriaId": "FE78AED4-AD60-406C-82E0-BA52701B49BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3D0B71F0-CCED-4E23-989A-3E9E2D71307C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "5CF8FC22-C556-451C-B928-F5AF8DF4BF45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*",
              "matchCriteriaId": "081D3B14-45F6-4F96-944B-94D967FEFA26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*",
              "matchCriteriaId": "D922DC5A-63F6-4188-BCDE-BB987402E47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*",
              "matchCriteriaId": "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*",
              "matchCriteriaId": "C2BCC22C-A32B-4945-AFBC-777DBE248FB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*",
              "matchCriteriaId": "92F92890-63B0-4918-A147-8852B6E2FA8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "ED0B143A-5386-4375-AEB2-48619B2B1EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*",
              "matchCriteriaId": "E7ECA734-9E95-484F-B880-2491A0E2531B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*",
              "matchCriteriaId": "5D7CD9E9-033C-44B8-A68C-47AC260873E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*",
              "matchCriteriaId": "07B660DC-A94F-48F0-A2F4-1C39CC4751A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "329C8551-98D1-4255-B598-9E75A071C186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "FD0687B7-F374-4368-AD9E-041123B23A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D0330E77-454E-4E77-9628-50681B748491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "3863726E-15AD-4A47-85CB-0C9965E76EF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D1F35447-889F-4CE9-9473-87046B4707EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*",
              "matchCriteriaId": "A3A5DFC0-BBD7-430C-A026-E1F34E08894D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "141E8F6A-3998-4F22-A717-3F52BC998F97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*",
              "matchCriteriaId": "F09AA197-BB55-4CF0-AC29-4449C07DE510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3E468E33-B183-4830-97E2-EAF9FD3758E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*",
              "matchCriteriaId": "738C8F2B-3D3E-4E1F-977A-05D3A39F115D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*",
              "matchCriteriaId": "1ED03E83-909B-423F-81F2-34AB7F24BBE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "9778E8AA-A034-4B04-A42E-6A182378C7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*",
              "matchCriteriaId": "AEE15598-4064-4E31-86BA-7851AA4B76C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*",
              "matchCriteriaId": "59FE3789-FB47-4939-B9AA-86D203445526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*",
              "matchCriteriaId": "2F96389A-82B9-42DE-8E93-D2B2EE610F7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*",
              "matchCriteriaId": "3131CDA5-1C4D-489C-8788-FA396F8ADB2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DCC7DF3E-658C-41D7-A4AC-433440A02092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*",
              "matchCriteriaId": "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*",
              "matchCriteriaId": "D6870C1E-E4A4-4666-89DB-D72C8100D27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*",
              "matchCriteriaId": "BE183CA0-FFBB-4746-8BBE-5D1910DD2100",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D04B5EBF-C94C-4A44-9A7E-75623CAF832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*",
              "matchCriteriaId": "5723FDF4-198B-488E-B075-F528EC6E4D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*",
              "matchCriteriaId": "7E23A972-5BCA-4C7E-B6F9-AD54992861A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*",
              "matchCriteriaId": "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "BFE4D0FF-6445-4E14-9536-ADB32662B346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*",
              "matchCriteriaId": "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*",
              "matchCriteriaId": "9AC763FD-C143-4CA3-9A24-D50C9ED243D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*",
              "matchCriteriaId": "299C6CBE-905F-4E59-AF2F-89A1CD767916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*",
              "matchCriteriaId": "78538461-1B7E-4712-AA8D-D2EA3477635B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*",
              "matchCriteriaId": "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*",
              "matchCriteriaId": "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "5725106C-A650-4C24-9636-1200BD44CCA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*",
              "matchCriteriaId": "F1501425-96F7-487B-9588-FDA2DAC3790A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*",
              "matchCriteriaId": "48D95998-9434-4AFF-9983-0D7AC34176A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D60BB309-860D-4D74-B08F-F94AFE84C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*",
              "matchCriteriaId": "F63E864E-6323-41B4-956F-51F9364DFAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "EC724282-7431-465E-8E60-4037121B8838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "73151221-C102-4425-9316-1EE4CAAB6531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*",
              "matchCriteriaId": "D1E9DDCD-6D22-4175-94EF-D8A5457E7355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*",
              "matchCriteriaId": "35AB906F-43CD-4D54-8274-1FD551532E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*",
              "matchCriteriaId": "1ADC75F0-B27E-4B15-B829-482FBA0063A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*",
              "matchCriteriaId": "D015D670-8AEA-49A3-8D22-9E3009322EB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*",
              "matchCriteriaId": "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*",
              "matchCriteriaId": "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*",
              "matchCriteriaId": "28CE650B-BE03-4EDF-BE27-2FA6657F7A52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "2356A4E6-561B-40CA-8348-B30D581B1E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "74509F3F-840E-48B8-88B1-EA4FFB90ACC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "BE7BD528-628F-4CA9-9FE8-8A79BDC97680",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*",
              "matchCriteriaId": "26118C2B-78CC-4038-9DEA-7A9417029790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*",
              "matchCriteriaId": "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*",
              "matchCriteriaId": "4F445D93-D482-4A74-810D-66D78CBCAFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*",
              "matchCriteriaId": "2C9F200C-ECC9-4D51-AFE7-E99C16D09148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*",
              "matchCriteriaId": "56B87CB5-0F77-4040-BB58-9DBF5723A4FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4B3321B-11AD-43EB-867C-FA4FA6A5421E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4975223D-9E31-4CEC-A4B6-C0996828B855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C15C820B-4778-4B8F-8BD8-E996F1D4062D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42E70EE-2E23-4D92-ADE0-9177B9EDD430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C91446-4A36-4FCE-A973-3E6F813FABC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*",
              "matchCriteriaId": "58281E62-E350-4B0D-9322-8BA1E1773CB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*",
              "matchCriteriaId": "BF1A152E-5795-4319-BD4D-855DE19C744C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*",
              "matchCriteriaId": "438FCE7F-035A-4D89-96FE-EE5278C85493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*",
              "matchCriteriaId": "80900F2C-7CFA-4C40-A6B5-51E12C3DA187",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*",
              "matchCriteriaId": "33F900E6-AE47-4789-A337-70C6BEF22895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*",
              "matchCriteriaId": "AD2E5054-2151-414D-A88F-6697FF280D41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "3EB09361-372E-4F51-B255-C7D2DB41969F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "A36D6991-3728-4F60-A443-37652DFAA053",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*",
              "matchCriteriaId": "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*",
              "matchCriteriaId": "63C0F7CA-5F3C-41D4-AAD6-084643115D85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*",
              "matchCriteriaId": "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*",
              "matchCriteriaId": "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*",
              "matchCriteriaId": "45CD14D8-665A-46C5-8387-33FF266822A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*",
              "matchCriteriaId": "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*",
              "matchCriteriaId": "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*",
              "matchCriteriaId": "6A846C69-CA94-4F5E-9E02-69EA6680549E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "7AAEE176-631A-41B9-BC40-93F866DA9D5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*",
              "matchCriteriaId": "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*",
              "matchCriteriaId": "9388D932-9818-4A68-9543-B0643166DB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*",
              "matchCriteriaId": "770A9287-C910-4690-9402-0C0B7BAC8912",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*",
              "matchCriteriaId": "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*",
              "matchCriteriaId": "B503F1F7-F439-420D-B465-9A51CCECAB06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27948B08-C452-41FB-B41F-6ADB3AAE087E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D7F2743-71BB-4011-B919-7E8032B6B72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*",
              "matchCriteriaId": "3738FAC6-B90B-4014-9E86-17ED6D19D23D",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*",
              "matchCriteriaId": "35B6634E-4F09-423C-87E7-59D4127CC023",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*",
              "matchCriteriaId": "0A7A7100-A1DA-4191-A4C1-D930829A3DC2",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83739ED7-37F1-4712-8C81-E56F58790240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CDD227E-1F98-4F73-BB65-3820F39127F0",
              "versionEndIncluding": "3.1.0.7",
              "versionStartIncluding": "3.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB18F38-AC6A-406A-A4DD-40688B803744",
              "versionEndExcluding": "1.4.3.5",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB",
              "versionEndExcluding": "1.5.0.4",
              "versionStartIncluding": "1.5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4EF774-BD92-444D-9583-25DB97CDA4F3",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB9850A-3308-4277-A68C-AD418612101E",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C84D7A48-6745-49D3-AE52-31DD7EEC0D61",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A1A3A3E-5636-4422-9B7B-B3D97989E674",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7384B993-049F-48D7-86D6-FE221C783245",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1DF6129-9CEA-4812-800F-A6FD5095D60E",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79788A89-4152-4B4B-BFF0-518D90EE4D2B",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "680738C5-63D5-4F60-9610-FD0D87FCBBCA",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "872E2102-6BE6-42B6-93B0-942B7DABCBDA",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E31991-DF33-4F00-8430-7B626E8174CE",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E25BB0-6F5A-4A7B-9147-D4E17014C747",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80C1675-4948-45DC-B593-EDB1354E42F3",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDEC166F-A967-4616-B9EF-503054EFD197",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713E71BC-16F5-41E3-9816-74D5E8D8C9A9",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D2487E0-046C-476F-BFF4-EF77D9E856D8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0287F3CD-2151-491D-8BC3-6D3921BE8FFA",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4179899-87B4-42C3-8245-9A34EC04F6A1",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8CED766-9742-4037-8005-F0BDDE9176DD",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41EEAEC-08AE-4478-8977-5A4D7B48C175",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "298C961D-5E5F-4277-B192-A4C29243BECC",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0663FBC-01C0-4AD8-A0B8-6097E537D352",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE145DE3-3C9B-4949-B6D4-9B259372CCE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ABC25E5-76CD-469B-879A-B1F7109D0181",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "98942F6C-330F-459A-B2B4-72572DB4070E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C0BAB94-6521-4B57-9E56-A57BA5E20C24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7788E5-93B9-4149-8823-2ACBA5CF17E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*",
              "matchCriteriaId": "B41B4ECD-6F30-46F5-A559-1CEFC7964873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*",
              "matchCriteriaId": "D42ADCD9-1455-401C-B94F-D367A78A2B97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2853A787-E5F1-4455-9482-7C538B80556C",
              "versionEndExcluding": "r77.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AEB1FC5-1179-4DE9-99A2-D650167A7A60",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1343FBDC-4BF0-403B-B257-96672F092263",
              "versionEndIncluding": "4.0.5",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C138527-73D3-4AEE-BFAB-1D240A585A0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F2EB3D6-EF4C-4241-A31E-3990664004A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D1168D2-93D5-4415-A666-B4BE0B2AC201",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A2FBA9-207F-4F16-932D-BF0BA3440503",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C6AC80F-9D91-468D-BEE3-6A0759723673",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680",
              "versionEndExcluding": "9.3.67.5r1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "665EF643-3CDC-4518-9693-0D49F0870283",
              "versionEndExcluding": "10.1.129.11r1",
              "versionStartIncluding": "10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAE3CC45-49E5-40DE-B5C3-52A754A9C599",
              "versionEndExcluding": "10.5.52.11r1",
              "versionStartIncluding": "10.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8968E39A-1E16-4B7F-A16A-190EBC20D04F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "864B5480-704F-4636-A938-7D95AD4223AD",
              "versionEndExcluding": "10.10.0",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D34345-0AD1-499C-9A74-982B2D3F305A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECF06B5-3915-48F0-A140-41C7A27EE99D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "BBD8B161-0A07-492F-89E4-7A0BD02F6464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "29DF8DD7-B5CC-4152-A726-1D48459068D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\"  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
    },
    {
      "lang": "es",
      "value": "GNU Bash hasta la versi\u00f3n 4.3 procesa cadenas finales despu\u00e9s de las definiciones de funciones en los valores de variables de entorno, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un entorno manipulado, tal como se ha demostrado por vectores que involucran la caracter\u00edstica ForceCommand en sshd OpenSSH, los m\u00f3dulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en las cuales el ajuste de entorno ocurre a trav\u00e9s de un l\u00edmite privilegiado de la ejecuci\u00f3n de Bash, tambi\u00e9n conocido como \"ShellShock.\" NOTA: la reparaci\u00f3n original para este problema era incorrecta; CVE-2014-7169 ha sido asignada para cubrir la vulnerabilidad que todav\u00eda est\u00e1 presente despu\u00e9s de la soluci\u00f3n incorrecta."
    }
  ],
  "id": "CVE-2014-6271",
  "lastModified": "2025-01-06T19:36:17.117",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2014-09-24T18:48:04.477",
  "references": [
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/58200"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59272"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59737"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59907"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60024"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60034"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60044"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60055"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60063"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60193"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60325"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60433"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60947"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61065"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61128"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61129"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61188"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61283"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61287"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61291"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61312"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61313"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61328"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61442"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61471"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61485"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61503"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61542"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61547"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61550"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61552"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61565"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61603"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61633"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61641"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61643"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61654"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61676"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61700"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61703"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61711"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61715"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61780"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61816"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61855"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61857"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61873"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62228"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62312"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62343"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6495"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3032"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252743"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/70103"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2362-1"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/articles/1200223"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/node/1200223"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6535"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX200217"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://support.citrix.com/article/CTX200223"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/34879/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/37816/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/38849/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/39918/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40619/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40938/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/42938/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.suse.com/support/shellshock/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/58200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59737"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60325"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61188"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61485"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61542"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61547"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61550"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61565"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61643"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61700"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61715"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61855"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/70103"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2362-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/articles/1200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/node/1200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX200217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://support.citrix.com/article/CTX200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/34879/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/37816/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/38849/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/39918/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40619/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40938/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/42938/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.suse.com/support/shellshock/"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-10-28 14:55

Modified

2024-11-21 02:09

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1030776
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html	Vendor Advisory
cve@mitre.org	https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1030776
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt	Exploit

Impacted products

Vendor	Product	Version
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_application_security_manager	10.1.0
f5	big-ip_application_security_manager	10.2.0
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	10.2.3
f5	big-ip_application_security_manager	10.2.4
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	enterprise_manager	3.0.0
f5	enterprise_manager	3.1.0
f5	enterprise_manager	3.1.1
f5	enterprise_manager	2.1.0
f5	enterprise_manager	2.2.0
f5	enterprise_manager	2.3.0
f5	big-ip_edge_gateway	10.1.0
f5	big-ip_edge_gateway	10.2.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	10.2.3
f5	big-ip_edge_gateway	10.2.4
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_global_traffic_manager	10.1.0
f5	big-ip_global_traffic_manager	10.2.0
f5	big-ip_global_traffic_manager	10.2.1
f5	big-ip_global_traffic_manager	10.2.2
f5	big-ip_global_traffic_manager	10.2.3
f5	big-ip_global_traffic_manager	10.2.4
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_link_controller	10.1.0
f5	big-ip_link_controller	10.2.0
f5	big-ip_link_controller	10.2.1
f5	big-ip_link_controller	10.2.2
f5	big-ip_link_controller	10.2.3
f5	big-ip_link_controller	10.2.4
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_local_traffic_manager	10.1.0
f5	big-ip_local_traffic_manager	10.2.0
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	10.2.3
f5	big-ip_local_traffic_manager	10.2.4
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_access_policy_manager	10.1.0
f5	big-ip_access_policy_manager	10.2.0
f5	big-ip_access_policy_manager	10.2.1
f5	big-ip_access_policy_manager	10.2.2
f5	big-ip_access_policy_manager	10.2.3
f5	big-ip_access_policy_manager	10.2.4
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_protocol_security_module	10.1.0
f5	big-ip_protocol_security_module	10.2.0
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_webaccelerator	10.1.0
f5	big-ip_webaccelerator	10.2.0
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_wan_optimization_manager	10.1.0
f5	big-ip_wan_optimization_manager	10.2.0
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	10.2.3
f5	big-ip_wan_optimization_manager	10.2.4
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE619B40-18EB-4F01-A416-63A66577F14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "003DFFC0-C51B-43B8-897A-6AD71A7B60FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "05803D5C-15CD-4600-9703-951D28173E49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en tmui/dashboard/echo.jsp en la utilidad Configuration en F5 BIG-IP LTM, APM, ASM, GTM, y Link Controller 11.0.0 anterior a 11.6.0 y 10.1.0 hasta 10.2.4, AAM 11.4.0 anterior a 11.6.0, AFM y PEM 11.3.0 anterior a 11.6.0, Analytics 11.0.0 hasta 11.5.1, Edge Gateway, WebAccelerator, y WOM 11.0.0 hasta 11.3.0 y 10.1.0 hasta 10.2.4, y PSM 11.0.0 hasta 11.4.1 y 10.1.0 hasta 10.2.4 y Enterprise Manager 3.0.0 hasta 3.1.1 y 2.1.0 hasta 2.3.0 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2014-4023",
  "lastModified": "2024-11-21T02:09:21.590",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-10-28T14:55:05.987",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1030776"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-06-03 14:55

Modified

2024-11-21 02:09

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/58969
cve@mitre.org	http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/67771	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1030319	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1030320	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/58969
af854a3a-2127-422b-91ae-364da2661108	http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/67771	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1030319	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1030320	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.2.1
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.5.1
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.5.1
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	enterprise_manager	3.0.0
f5	enterprise_manager	3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC1C0F-A00A-456C-AB51-CD139B15CB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en list.jsp en la utilidad de configuraci\u00f3n en F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM y Link Controller 11.2.1 hasta 11.5.1, AAM 11.4.0 hasta 11.5.1, PEM 11.3.0 hasta 11.5.1, PSM 11.2.1 hasta 11.4.1, WebAccelerator y WOM 11.2.1 hasta 11.3.0 y Enterprise Manager 3.0.0 hasta 3.1.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de par\u00e1metros no especificados."
    }
  ],
  "id": "CVE-2014-3959",
  "lastModified": "2024-11-21T02:09:13.237",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-06-03T14:55:11.490",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/58969"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/67771"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1030319"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1030320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58969"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/67771"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1030319"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1030320"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-08-26 14:59

Modified

2024-11-21 02:46

Severity ?

4.9 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/92671
cve@mitre.org	http://www.securitytracker.com/id/1036631	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92671
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036631	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.5.4
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	12.0.0
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.5.4
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.5.4
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	12.0.0
f5	big-ip_domain_name_system	12.0.0
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.5.4
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.5.4
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	12.0.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.5.4
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.5.4
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	12.0.0
f5	big-ip_advanced_firewall_manager	11.2.1
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.5.4
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.5.4
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC1C0F-A00A-456C-AB51-CD139B15CB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "La utilidad Configuration en sistemas F5 BIG-IP 11.0.x, 11.1.x, 11.2.x en versiones anteriores a11.2.1 HF16, 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 HF2, 1.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF1 permite a administradores remotos leer registros de acceso Access Policy Manager (APM) a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2016-1497",
  "lastModified": "2024-11-21T02:46:33.530",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-26T14:59:00.133",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/92671"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036631"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/92671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-06-09 15:29

Modified

2024-11-21 02:58

Severity ?

5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.

References

URL	Tags
f5sirt@f5.com	http://www.securityfocus.com/bid/95320	Third Party Advisory, VDB Entry
f5sirt@f5.com	http://www.securitytracker.com/id/1037559
f5sirt@f5.com	http://www.securitytracker.com/id/1037560
f5sirt@f5.com	https://support.f5.com/csp/article/K97285349	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95320	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037559
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037560
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K97285349	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.5.4
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	11.6.1
f5	big-ip_local_traffic_manager	12.0.0
f5	big-ip_local_traffic_manager	12.1.0
f5	big-ip_local_traffic_manager	12.1.1
f5	big-ip_local_traffic_manager	12.1.2
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.5.4
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	11.6.1
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_application_acceleration_manager	12.1.0
f5	big-ip_application_acceleration_manager	12.1.1
f5	big-ip_application_acceleration_manager	12.1.2
f5	big-ip_advanced_firewall_manager	11.2.1
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.5.4
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	11.6.1
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_advanced_firewall_manager	12.1.0
f5	big-ip_advanced_firewall_manager	12.1.1
f5	big-ip_advanced_firewall_manager	12.1.2
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.5.4
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	11.6.1
f5	big-ip_analytics	12.0.0
f5	big-ip_analytics	12.1.0
f5	big-ip_analytics	12.1.1
f5	big-ip_analytics	12.1.2
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.5.4
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	11.6.1
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_access_policy_manager	12.1.0
f5	big-ip_access_policy_manager	12.1.1
f5	big-ip_access_policy_manager	12.1.2
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.5.4
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	11.6.1
f5	big-ip_application_security_manager	12.0.0
f5	big-ip_application_security_manager	12.1.0
f5	big-ip_application_security_manager	12.1.1
f5	big-ip_application_security_manager	12.1.2
f5	big-ip_domain_name_system	12.0.0
f5	big-ip_domain_name_system	12.1.0
f5	big-ip_domain_name_system	12.1.1
f5	big-ip_domain_name_system	12.1.2
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.5.4
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_global_traffic_manager	11.6.1
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.5.4
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	11.6.1
f5	big-ip_link_controller	12.0.0
f5	big-ip_link_controller	12.1.0
f5	big-ip_link_controller	12.1.1
f5	big-ip_link_controller	12.1.2
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.5.4
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	11.6.1
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_policy_enforcement_manager	12.1.0
f5	big-ip_policy_enforcement_manager	12.1.1
f5	big-ip_policy_enforcement_manager	12.1.2
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_websafe	11.6.0
f5	big-ip_websafe	11.6.1
f5	big-ip_websafe	12.0.0
f5	big-ip_websafe	12.1.0
f5	big-ip_websafe	12.1.1
f5	big-ip_websafe	12.1.2
f5	big-ip_wan_optimization_manager	11.2.1
f5	enterprise_manager	3.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0357B5ED-0600-4756-93E5-692987068596",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEB228A9-0C01-4531-B2B2-38BB7B0E02E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC1C0F-A00A-456C-AB51-CD139B15CB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569903B-3A15-4A10-863B-6828337DD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45825991-D17D-42F1-87B4-7DF86B098B45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77192AFB-B612-4BAA-916C-3DF8E851CC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE295AF6-2B35-467F-8501-B5753CDDE16C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3C03B68-914F-4DB0-A832-B626B8746524",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7563D979-BE37-4251-B92E-0DBDBE53F3FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24A3C71-0075-4738-B114-267337D050CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD7394-BD0A-42FD-A367-827F35397A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98509F74-301A-4D1F-A2B4-B01B80CEFFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87FFF5F-5BB1-4E2F-BD15-3BA7C9B26FEA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4913B437-33FF-4B5E-A855-9DA00B35E3B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDCFE65B-340B-4F7D-93A1-4390BBC8E67F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60CA151-1C3A-45B3-B939-E6F80063C595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BAD5A9-9C67-4056-9344-07C8C42C8E88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "452C59B8-230D-4FC0-B76D-FA6E381E3713",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EE1EEA6-1E25-4A90-91A1-386D19808557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A05340-0AE2-49CA-903F-44383421577E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "583F134E-1616-44F2-8EF0-0CFA5CCEF0AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D0731D-E9DA-4056-9AC6-F204C2F915F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en la p\u00e1gina de cambio de nombre del dispositivo de la utilidad Configuration en BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM y WebSafe versi\u00f3n 12.0.0 hasta 12.1.2, versi\u00f3n 11.4.0 hasta 11.6.1, y versi\u00f3n 11.2.1, permite a un usuario autenticado inyectar un script web o HTML arbitrario. La explotaci\u00f3n requiere administrador de recursos o permisos de administrador, y podr\u00eda causar que el cliente de la utilidad Configuration se vuelva inestable."
    }
  ],
  "id": "CVE-2016-7469",
  "lastModified": "2024-11-21T02:58:04.063",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-09T15:29:00.180",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95320"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1037559"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1037560"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K97285349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037559"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K97285349"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-04-12 14:59

Modified

2024-11-21 02:37

Severity ?

4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Summary

Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/82340
cve@mitre.org	http://www.securitytracker.com/id/1034781
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/82340
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034781
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de lista negra incompleta en la utilidad Configuration en F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller y PSM 11.x en versiones anteriores a 11.2.1 HF11, 11.3.x, 11.4.0 en versiones anteriores a HF8 y 11.4.1 en versiones anteriores a HF6; BIG-IP AAM 11.4.0 en versiones anteriores a HF8 y 11.4.1 en versiones anteriores a HF6; BIG-IP AFM y PEM 11.3.x, 11.4.0 en versiones anteriores a HF8 y 11.4.1 en versiones anteriores a HF6 y BIG-IP Edge Gateway, WebAccelerator y WOM 11.x en versiones anteriores a 11.2.1 HF11 y 11.3.0 permite a usuarios remotos autenticados cargar archivos a trav\u00e9s de uploadImage.php."
    }
  ],
  "id": "CVE-2015-8021",
  "lastModified": "2024-11-21T02:37:51.457",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-04-12T14:59:02.177",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/82340"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034781"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/82340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034781"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-03-19 21:29

Modified

2024-11-21 02:09

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack.

References

URL	Tags
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/95834	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.f5.com/csp/article/K15500	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/95834	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K15500	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_analytics	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_wan_optimization_manager	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack."
    },
    {
      "lang": "es",
      "value": "Los servidores virtuales SSL en sistemas F5 BIG-IP, en versiones 10.x anteriores a la 10.2.4 HF9, versiones 11.x anteriores a la 11.2.1 HF12, versiones 11.3.0 anteriores a la HF10, versiones 11.4.0 anteriores a la HF8, versiones 11.4.1 anteriores a la HF5, versiones 11.5.0 anteriores a la HF5 y versiones 11.5.1 anteriores a la HF5, al emplearse con tarjetas de aceleraci\u00f3n SSL (Secure Sockets Layer) de terceros, podr\u00edan permitir que atacantes remotos provoquen un impacto sin especificar mediante un ataque de sincronizaci\u00f3n de canal lateral."
    }
  ],
  "id": "CVE-2014-4024",
  "lastModified": "2024-11-21T02:09:21.760",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-19T21:29:00.737",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K15500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K15500"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-05-12 14:55

Modified

2024-11-21 02:07

Severity ?

Summary

The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request.

References

URL	Tags
cret@cert.org	http://seclists.org/fulldisclosure/2014/May/32
cret@cert.org	http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html	Vendor Advisory
cret@cert.org	http://www.exploit-db.com/exploits/34927	Exploit
cret@cert.org	http://www.osvdb.org/106728
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2014/May/32
af854a3a-2127-422b-91ae-364da2661108	http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/34927	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/106728

Impacted products

Vendor	Product	Version
f5	big-ip_webaccelerator	9.4.0
f5	big-ip_webaccelerator	9.4.1
f5	big-ip_webaccelerator	9.4.2
f5	big-ip_webaccelerator	9.4.3
f5	big-ip_webaccelerator	9.4.4
f5	big-ip_webaccelerator	9.4.5
f5	big-ip_webaccelerator	9.4.6
f5	big-ip_webaccelerator	9.4.7
f5	big-ip_webaccelerator	9.4.8
f5	big-ip_webaccelerator	10.0.0
f5	big-ip_webaccelerator	10.0.1
f5	big-ip_webaccelerator	10.1.0
f5	big-ip_webaccelerator	10.2.0
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_local_traffic_manager	10.0.0
f5	big-ip_local_traffic_manager	10.0.1
f5	big-ip_local_traffic_manager	10.1.0
f5	big-ip_local_traffic_manager	10.2.0
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_protocol_security_module	9.4.5
f5	big-ip_protocol_security_module	9.4.6
f5	big-ip_protocol_security_module	9.4.7
f5	big-ip_protocol_security_module	9.4.8
f5	big-ip_protocol_security_module	10.0.0
f5	big-ip_protocol_security_module	10.0.1
f5	big-ip_protocol_security_module	10.1.0
f5	big-ip_protocol_security_module	10.2.0
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_link_controller	10.0.0
f5	big-ip_link_controller	10.0.1
f5	big-ip_link_controller	10.1.0
f5	big-ip_link_controller	10.2.0
f5	big-ip_link_controller	10.2.1
f5	big-ip_link_controller	10.2.2
f5	big-ip_link_controller	11.0.0
f5	big-ip_application_security_manager	10.0.0
f5	big-ip_application_security_manager	10.0.1
f5	big-ip_application_security_manager	10.1.0
f5	big-ip_application_security_manager	10.2.0
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_global_traffic_manager	10.0.0
f5	big-ip_global_traffic_manager	10.0.1
f5	big-ip_global_traffic_manager	10.1.0
f5	big-ip_global_traffic_manager	10.2.0
f5	big-ip_global_traffic_manager	10.2.1
f5	big-ip_global_traffic_manager	10.2.2
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_wan_optimization_manager	10.0.0
f5	big-ip_wan_optimization_manager	10.0.1
f5	big-ip_wan_optimization_manager	10.1.0
f5	big-ip_wan_optimization_manager	10.2.0
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_access_policy_manager	10.1.0
f5	big-ip_access_policy_manager	10.2.0
f5	big-ip_access_policy_manager	10.2.1
f5	big-ip_access_policy_manager	10.2.2
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_edge_gateway	10.1.0
f5	big-ip_edge_gateway	10.2.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	11.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB7340E-36AE-40F0-8B38-247803F97038",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFEE12B-A78F-4288-A98F-2497531D0EAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D4AE2CE-4A4B-4B5F-992C-F939E1CDE6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAB821F7-26DB-4C74-9129-BBC50DF0C2F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD6FE682-3B40-42B0-A3BC-4281F0003248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC8D1C6-69AC-4423-A1C7-4093236A7F51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "38CDACEA-9235-4B7F-AC2B-4ACFB4BD9918",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF5FC5A6-0CD0-47E3-87F9-F09BB1B4B920",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7317A692-0D9D-4DF4-99AD-893187E3F298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E3427DB-2918-4934-A3C1-FA5F1632364F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8463B1D-8442-4D50-BAAA-122280496A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6448016D-1A8E-42E3-81F8-80772D4EE6B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C54690EB-578A-45DA-9324-4CE84B084BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "50B828D6-7221-4F94-9C0D-4483E60576EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B10D9D9-BC40-4889-9196-C8EA7C571160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4D2DA3-1EF3-428A-ACC0-1C438D6F8648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC2A0DC-D931-4450-8D0F-3223A8EDCED9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE87BAD-382E-4FA7-BCF9-88EFA36DAB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89F4A12-710E-4F7A-9A8D-D8B91889A279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request."
    },
    {
      "lang": "es",
      "value": "La API iControl en F5 BIG-IP LTM, APM, ASM, GTM, Link Controller y PSM 10.0.0 hasta 10.2.4 y 11.0.0 hasta 11.5.1, BIG-IP AAM 11.4.0 hasta 11.5.1, BIG-IP AFM y PEM 11.3.0 hasta 11.5.1, BIG-IP Analytics 11.0.0 hasta 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 hasta 10.2.4 y 11.0.0 hasta 11.3.0, Enterprise Manager 2.1.0 hasta 2.3.0 y 3.0.0 hasta 3.1.1 y BIG-IQ Cloud, Device y Security 4.0.0 hasta 4.3.0 permite a administradores remotos ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en el elemento de nombre de anfitri\u00f3n en una solicitud SOAP."
    }
  ],
  "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/77.html\n\n\"CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"",
  "id": "CVE-2014-2928",
  "lastModified": "2024-11-21T02:07:12.457",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-05-12T14:55:06.587",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://seclists.org/fulldisclosure/2014/May/32"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/34927"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.osvdb.org/106728"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/May/32"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/34927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/106728"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-09-07 19:28

Modified

2024-11-21 02:53

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1036709	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1036710	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036709	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036710	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.5.4
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	11.6.1
f5	big-ip_link_controller	12.0.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.5.4
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	11.6.1
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.5.4
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	11.6.1
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.5.4
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_global_traffic_manager	11.6.1
f5	big-iq_cloud	4.0.0
f5	big-iq_cloud	4.1.0
f5	big-iq_cloud	4.2.0
f5	big-iq_cloud	4.3.0
f5	big-iq_cloud	4.4.0
f5	big-iq_cloud	4.5.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-iq_application_delivery_controller	4.5.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.5.4
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	11.6.1
f5	big-ip_application_security_manager	12.0.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.5.4
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	11.6.1
f5	big-ip_local_traffic_manager	12.0.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-iq_device	4.2.0
f5	big-iq_device	4.3.0
f5	big-iq_device	4.4.0
f5	big-iq_device	4.5.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.5.4
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	11.6.1
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_domain_name_system	12.0.0
f5	big-iq_centralized_management	4.6.0
f5	big-iq_cloud_and_orchestration	1.0.0
f5	f5_iworkflow	2.0.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.5.4
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	11.6.1
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	enterprise_manager	3.1.1
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.5.4
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	11.6.1
f5	big-ip_analytics	12.0.0
f5	big-iq_security	4.0.0
f5	big-iq_security	4.1.0
f5	big-iq_security	4.2.0
f5	big-iq_security	4.3.0
f5	big-iq_security	4.4.0
f5	big-iq_security	4.5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:f5_iworkflow:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAC5A3C6-E7E1-4C67-B868-0BFA0CCC5956",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic."
    },
    {
      "lang": "es",
      "value": "F5 BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.x en versiones anteriores a 11.2.1 HF16 y 11.3.0; BIG-IP GTM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1 HF1; BIG-IP PSM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x y 11.4.0 hasta la version 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 hasta la version 4.5.0; BIG-IQ Device 4.2.0 hasta la version 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0 y iWorkflow 2.0.0, cuando Packet Filtering est\u00e1 habilitado en servidores virtuales y posiblemente en direcciones IP autom\u00e1ticas, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de Traffic Management Microkernel) y posiblemente tener otro impacto no especificado a trav\u00e9s de tr\u00e1fico de red manipulado."
    }
  ],
  "id": "CVE-2016-5022",
  "lastModified": "2024-11-21T02:53:28.093",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-09-07T19:28:02.723",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036709"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036710"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036709"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-05-07 10:55

Modified

2024-12-19 18:45

Severity ?

Summary

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

References

URL	Tags
secalert@redhat.com	http://bugzilla.novell.com/show_bug.cgi?id=875690	Issue Tracking, Permissions Required, Third Party Advisory
secalert@redhat.com	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00	Broken Link
secalert@redhat.com	http://linux.oracle.com/errata/ELSA-2014-0771.html	Third Party Advisory
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://pastebin.com/raw.php?i=yTSFUBgZ	Exploit, Mailing List, Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-0512.html	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/59218	Not Applicable
secalert@redhat.com	http://secunia.com/advisories/59262	Broken Link
secalert@redhat.com	http://secunia.com/advisories/59599	Broken Link
secalert@redhat.com	http://source.android.com/security/bulletin/2016-07-01.html	Not Applicable
secalert@redhat.com	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html	Third Party Advisory
secalert@redhat.com	http://www.debian.org/security/2014/dsa-2926	Third Party Advisory
secalert@redhat.com	http://www.debian.org/security/2014/dsa-2928	Third Party Advisory
secalert@redhat.com	http://www.exploit-db.com/exploits/33516	Exploit, Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2014/05/05/6	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.osvdb.org/106646	Broken Link
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2196-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2197-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2198-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2199-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2200-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2201-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2202-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2203-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2204-1	Third Party Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1094232	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00	Exploit, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://bugzilla.novell.com/show_bug.cgi?id=875690	Issue Tracking, Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://linux.oracle.com/errata/ELSA-2014-0771.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://pastebin.com/raw.php?i=yTSFUBgZ	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-0512.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59218	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59262	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59599	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://source.android.com/security/bulletin/2016-07-01.html	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2014/dsa-2926	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2014/dsa-2928	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/33516	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/05/05/6	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/106646	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2196-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2197-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2198-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2199-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2200-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2201-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2202-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2203-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2204-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1094232	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00	Exploit, Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	2.6.31
linux	linux_kernel	2.6.31
linux	linux_kernel	2.6.31
linux	linux_kernel	2.6.31
linux	linux_kernel	2.6.31
linux	linux_kernel	2.6.31
linux	linux_kernel	2.6.31
linux	linux_kernel	2.6.31
debian	debian_linux	6.0
debian	debian_linux	7.0
redhat	enterprise_linux	6.0
redhat	enterprise_linux_eus	6.3
redhat	enterprise_linux_eus	6.4
redhat	enterprise_linux_server_eus	6.3
suse	suse_linux_enterprise_desktop	11
suse	suse_linux_enterprise_high_availability_extension	11
suse	suse_linux_enterprise_server	11
suse	suse_linux_enterprise_server	11
oracle	linux	6
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	12.10
canonical	ubuntu_linux	13.10
canonical	ubuntu_linux	14.04
f5	big-ip_access_policy_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_analytics	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-iq_application_delivery_controller	4.5.0
f5	big-iq_centralized_management	4.6.0
f5	big-iq_cloud	*
f5	big-iq_cloud_and_orchestration	1.0.0
f5	big-iq_device	*
f5	big-iq_security	*
f5	enterprise_manager	3.1.0
f5	enterprise_manager	3.1.1

JSON

To clipboard

{
  "cisaActionDue": "2023-06-02",
  "cisaExploitAdd": "2023-05-12",
  "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
  "cisaVulnerabilityName": "Linux Kernel Race Condition Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFDB0B31-FFF7-471B-9352-29099002BED7",
              "versionEndExcluding": "3.2.59",
              "versionStartExcluding": "2.6.31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "992BFD6A-701C-4412-9220-F6C77B4E64F3",
              "versionEndExcluding": "3.4.91",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "287DC65B-A513-4FB9-A1CF-69F428030DF8",
              "versionEndExcluding": "3.10.40",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D82F8C94-5FA7-4A7A-8855-ECF21B3BBD42",
              "versionEndExcluding": "3.12.20",
              "versionStartIncluding": "3.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9996644C-371E-49B9-A494-733B1EA513EC",
              "versionEndExcluding": "3.14.4",
              "versionStartIncluding": "3.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:-:*:*:*:*:*:*",
              "matchCriteriaId": "2887290A-1B43-4DB9-A9D0-B0B56CD78E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "A2507858-675B-4DA2-A49E-00DB54700CF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "0A25EA55-3F1C-440C-A383-0BB9556C9508",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "B2665356-4EF5-4543-AD15-67FDB851DCCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "26E7609B-B058-496D-ACDD-7F69FBDE89E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "210BF049-8B3C-4ACC-BF8E-2C3551477602",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc8:*:*:*:*:*:*",
              "matchCriteriaId": "1837F32C-80D3-4E10-AE5D-E9F5A11A434E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc9:*:*:*:*:*:*",
              "matchCriteriaId": "4B4E132B-A69A-4CD1-B4D9-E17C4361A3AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "413CC30E-5FFE-47A4-B38B-80E3A9B13238",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "DD41513F-36F9-459C-A0CB-26C025E63CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "B39F3060-6F9E-4F20-8924-FEF5ED8A30CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
              "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F315708-017C-4362-9C09-6774F89D9370",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A430FFB4-418C-43DA-8E17-020618A77A56",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A0CC74C-6914-4A6F-A1CE-65A695AE31F6",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54A45725-FECD-4CA9-BFA4-E13FCDFDDF13",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C596B3F-9D93-49D2-99D7-D590CC9AEAA5",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8696A6B-1B56-43B5-A506-21E17735B9CA",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO \u0026 !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n n_tty_write en drivers/tty/n_tty.c en el kernel de Linux hasta 3.14.3 no maneja debidamente acceso al controlador tty en el caso \u0027LECHO \u0026 !OPOST\u0027, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de sistema) o ganar privilegios mediante la provocaci\u00f3n de una condici\u00f3n de carrera involucrando operaciones de lectura y escritura con cadenas largas."
    }
  ],
  "id": "CVE-2014-0196",
  "lastModified": "2024-12-19T18:45:22.253",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-05-07T10:55:04.337",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/59218"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59262"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59599"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://source.android.com/security/bulletin/2016-07-01.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-2926"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-2928"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.exploit-db.com/exploits/33516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/106646"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2196-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2197-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2198-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2199-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2200-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2201-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2202-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2203-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2204-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/59218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://source.android.com/security/bulletin/2016-07-01.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-2926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-2928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.exploit-db.com/exploits/33516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/106646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2196-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2197-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2198-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2199-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2200-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2201-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2202-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2203-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2204-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2015-05-29 15:59

Modified

2024-11-21 02:30

Severity ?

Summary

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.

References

URL	Tags
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html	Mailing List, Third Party Advisory
cve@mitre.org	http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html	Third Party Advisory, VDB Entry
cve@mitre.org	http://seclists.org/fulldisclosure/2015/May/81	Exploit, Mailing List, Third Party Advisory
cve@mitre.org	http://seclists.org/fulldisclosure/2015/May/83	Exploit, Mailing List, Third Party Advisory
cve@mitre.org	http://www.debian.org/security/2015/dsa-3272	Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2015/05/20/1	Exploit, Mailing List, Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2015/05/21/11	Mailing List, Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/74739	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1032397	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.ubuntu.com/usn/USN-2623-1	Third Party Advisory
cve@mitre.org	https://support.f5.com/csp/article/K05013313	Third Party Advisory
cve@mitre.org	https://www.altsci.com/ipsec/ipsec-tools-sa.html	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2015/May/81	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2015/May/83	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2015/dsa-3272	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/05/20/1	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/05/21/11	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/74739	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032397	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2623-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K05013313	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.altsci.com/ipsec/ipsec-tools-sa.html	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
ipsec-tools	ipsec-tools	0.8.2
canonical	ubuntu_linux	12.04
fedoraproject	fedora	20
fedoraproject	fedora	21
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	13.0.0
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	13.0.0
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	13.0.0
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	13.0.0
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	13.0.0
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	13.0.0
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	13.0.0
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	13.0.0
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	13.0.0
f5	big-ip_protocol_security_manager	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-iq_adc	4.5.0
f5	big-iq_centralized_management	4.6.0
f5	big-iq_cloud	*
f5	big-iq_cloud_and_orchestration	1.0.0
f5	big-iq_device	*
f5	big-iq_security	*
f5	enterprise_manager	*
debian	debian_linux	7.0
debian	debian_linux	8.0
debian	debian_linux	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4F6D424-26B7-4CD2-80B4-96FBA9E2FA5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55C26031-A354-4E19-A1C3-415336B2E7C5",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9AF8FC-B730-428D-B317-86ABEF924299",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A53BE5FB-7405-4952-B3BD-6B0B8213F98A",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2670B3-1A96-4E72-A316-0AF826E8EC8B",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA7D64DC-7271-4617-BD46-99C8246779CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69FBB7A9-69E7-4E84-ABBF-3430FA4FB757",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD67D31-7FB8-4A3F-915D-385617E21428",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4E5F36-434B-48E1-9715-4EEC22FB23D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9970DEE7-9ED1-496F-A5DD-D41A0E13968E",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2620230F-1D8D-423D-953E-9EEF934C56DD",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "34D75E7F-B65F-421D-92EE-6B20756019C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1488BC3-CBE9-4944-8573-D7EBE36713B8",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D2F203-B830-42E5-AE54-17453F72A45D",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF89E7C-806E-4800-BAA9-0225433B6C56",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79157FB3-C12D-4E05-81A3-776381822B2F",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "283155E5-EEAB-4E05-A0E7-B9C5077A5029",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569977A-E567-4115-B00C-4B0CBA86582E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90D8985-EDE3-4613-9B4A-E3929D1D3721",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F72B2-84F2-4FA2-9B53-E98344235EB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A3BBF17-573E-430A-86CB-A9A2A47940E3",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEB08984-6E30-41C0-B283-66D2AAE1E8B7",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72ED4B6A-EC5B-400E-88B7-6C986FC5BC4F",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E859BDBF-D0E7-4621-83F3-4079EEB111BC",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37257612-FAA4-4004-A4D3-4624F06F0615",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42821916-E601-4831-B37B-3202ACF2C562",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96B6E81C-8DCA-4560-ABD7-8FB73FBE3824",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."
    },
    {
      "lang": "es",
      "value": "racoon/gssapi.c en IPsec-Tools 0.8.2 permite a atacantes remotos causar una denegaci\u00f3n de servicios (referencia a puntero nulo y ca\u00edda de demonio IKE) a trav\u00e9s de una serie de solicitudes UDP manipuladas."
    }
  ],
  "id": "CVE-2015-4047",
  "lastModified": "2024-11-21T02:30:21.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-05-29T15:59:19.030",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2015/May/81"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2015/May/83"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3272"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/74739"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032397"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2623-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K05013313"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2015/May/81"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2015/May/83"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/74739"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2623-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K05013313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-06-23 11:21

Modified

2024-11-21 02:09

Severity ?

Summary

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

References

URL	Tags
cve@mitre.org	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html	Mailing List, Third Party Advisory
cve@mitre.org	http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618	Broken Link
cve@mitre.org	http://secunia.com/advisories/59134	Broken Link
cve@mitre.org	http://secunia.com/advisories/59777	Broken Link
cve@mitre.org	http://secunia.com/advisories/60564	Broken Link
cve@mitre.org	http://secunia.com/advisories/61310	Broken Link
cve@mitre.org	http://www.openwall.com/lists/oss-security/2014/06/11/1	Mailing List, Patch, Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2334-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2335-1	Third Party Advisory
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=1108744	Issue Tracking, Patch, Third Party Advisory
cve@mitre.org	https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc	Patch, Third Party Advisory
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59134	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59777	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60564	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61310	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/06/11/1	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2334-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2335-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1108744	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html	Third Party Advisory

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
redhat	enterprise_linux	6.0
canonical	ubuntu_linux	12.04
suse	linux_enterprise_desktop	11
suse	linux_enterprise_high_availability_extension	11
suse	linux_enterprise_real_time_extension	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_analytics	*
f5	big-ip_analytics	12.0.0
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	12.0.0
f5	big-ip_domain_name_system	12.0.0
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	12.0.0
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	12.0.0
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-iq_application_delivery_controller	4.5.0
f5	big-iq_cloud	*
f5	big-iq_device	*
f5	big-iq_security	*
f5	enterprise_manager	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5673276-6E6D-4AB2-9DA6-7873D78E58CF",
              "versionEndExcluding": "3.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A3A907A3-2A3A-46D4-8D75-914649877B65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3DB41B45-D94D-4A58-88B0-B3EC3EC350E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A477D7-D770-40FA-822E-0686791DCBBC",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49BEE6CD-30CA-44B2-8A9E-B8198A44DB34",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40013D7-C45F-4712-9FBB-12EC55ACA8A8",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD759D15-7861-45DD-9141-4F2855164368",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF00C6EB-94E6-47BA-9C73-F7EEF0F5C5F1",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFB9C044-BDFD-44B6-9DEA-F9EC3B793F15",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F7E38E6-5E18-491B-A4A3-E47EED2F882F",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E48CB17C-616D-4637-9811-93B4291052F3",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA8052D-B8EA-4109-A93B-EDF8F1BF09F0",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n rd_build_device_space en drivers/target/target_core_rd.c en el kernel de Linux anterior a 3.14 no inicializa debidamente cierta estructura de datos, lo que permite a usuarios locales obtener informaci\u00f3n sensible de la memoria ramdisk_mcp mediante el aprovechamiento del acceso a un iniciador SCSI."
    }
  ],
  "id": "CVE-2014-4027",
  "lastModified": "2024-11-21T02:09:21.917",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 2.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-06-23T11:21:18.700",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59134"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59777"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60564"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61310"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2334-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2335-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59134"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59777"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61310"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2334-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2335-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2015-09-17 16:59

Modified

2024-11-21 02:30

Severity ?

Summary

Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html
cve@mitre.org	http://www.securitytracker.com/id/1033532
cve@mitre.org	http://www.securitytracker.com/id/1033533
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1033532
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1033533
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	enterprise_manager	3.0.0
f5	enterprise_manager	3.1.0
f5	enterprise_manager	3.1.1
f5	big-ip_access_policy_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_analytics	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC5258F-B53C-4E2B-A5C0-9AEF63675BB5",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9CB99A3-6DE4-4227-9D89-E05F10AC2880",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5049073B-7754-4A47-A206-08B46456953A",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4ACC44-64A6-46AF-B982-9A65B5DE1695",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B132488-A1D7-4D67-BD09-0BDDE0236D5D",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3F866FB-373B-4B82-8F79-F2C7C12D4E34",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1C8CDD7-23A3-4618-813C-AFC2C02900FB",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "218A281D-80BE-45F3-822A-889E826175C6",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27649D21-B5C6-4354-8455-B4A4D07AE172",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03AC76ED-6E8A-4947-AFF7-733DF6A0DF0D",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "652B5211-04DE-4D41-813F-C086D0862FF3",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "719843BE-0895-4693-8553-C173054D1FCD",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC03DE9-20CB-42AE-95D0-C1C4AD61ECE3",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en la utilidad de configuraci\u00f3n en F5 BIG-IP en versiones anteriores a 12.0.0 y Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1, permite a usuarios remotos autenticados acceder a archivos arbitrarios en la ra\u00edz web a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-4040",
  "lastModified": "2024-11-21T02:30:20.130",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-09-17T16:59:01.527",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1033532"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1033533"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1033532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1033533"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-01-20 16:59

Modified

2024-11-21 02:33

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1034686
cve@mitre.org	http://www.securitytracker.com/id/1034687
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034686
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034687
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-iq_application_delivery_controller	4.5.0
f5	big-ip_local_traffic_manager	10.0.0
f5	big-ip_local_traffic_manager	10.0.1
f5	big-ip_local_traffic_manager	10.1.0
f5	big-ip_local_traffic_manager	10.2.0
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	10.2.3
f5	big-ip_local_traffic_manager	10.2.4
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_access_policy_manager	10.1.0
f5	big-ip_access_policy_manager	10.2.0
f5	big-ip_access_policy_manager	10.2.1
f5	big-ip_access_policy_manager	10.2.2
f5	big-ip_access_policy_manager	10.2.3
f5	big-ip_access_policy_manager	10.2.4
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_edge_gateway	10.1.0
f5	big-ip_edge_gateway	10.2.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	10.2.3
f5	big-ip_edge_gateway	10.2.4
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_application_security_manager	10.1.0
f5	big-ip_application_security_manager	10.2.0
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	10.2.3
f5	big-ip_application_security_manager	10.2.4
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.6.0
f5	big-iq_security	4.0.0
f5	big-iq_security	4.1.0
f5	big-iq_security	4.2.0
f5	big-iq_security	4.3.0
f5	big-iq_security	4.4.0
f5	big-iq_security	4.5.0
f5	big-ip_wan_optimization_manager	10.1.0
f5	big-ip_wan_optimization_manager	10.2.0
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	10.2.3
f5	big-ip_wan_optimization_manager	10.2.4
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_global_traffic_manager	10.1.0
f5	big-ip_global_traffic_manager	10.2.0
f5	big-ip_global_traffic_manager	10.2.1
f5	big-ip_global_traffic_manager	10.2.2
f5	big-ip_global_traffic_manager	10.2.3
f5	big-ip_global_traffic_manager	10.2.4
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_link_controller	10.1.0
f5	big-ip_link_controller	10.2.0
f5	big-ip_link_controller	10.2.1
f5	big-ip_link_controller	10.2.2
f5	big-ip_link_controller	10.2.3
f5	big-ip_link_controller	10.2.4
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.6.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-iq_cloud	4.0.0
f5	big-iq_cloud	4.1.0
f5	big-iq_cloud	4.2.0
f5	big-iq_cloud	4.3.0
f5	big-iq_cloud	4.4.0
f5	big-iq_cloud	4.5.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-iq_device	4.2.0
f5	big-iq_device	4.3.0
f5	big-iq_device	4.4.0
f5	big-iq_device	4.5.0
f5	big-ip_enterprise_manager	3.0.0
f5	big-ip_enterprise_manager	3.1.0
f5	big-ip_enterprise_manager	3.1.1
f5	big-ip_webaccelerator	10.1.0
f5	big-ip_webaccelerator	10.2.0
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.6.0
f5	big-ip_protocol_security_module	10.1.0
f5	big-ip_protocol_security_module	10.2.0
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets."
    },
    {
      "lang": "es",
      "value": "Fuga de memoria en el modulo kernel last hop en F5 BIG-IP LTM, GTM y Link Controller 10.1.x, 10.2.x en versiones anteriores a 10.2.4 HF13, 11.x en versiones anteriores a 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.x en versiones anteriores a HF6, BIG-IP AAM 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a HF6, BIG-IP AFM y PEM 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a HF6, BIG-IP Analytics 11.x en versiones anteriores a 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a HF6, BIG-IP APM and ASM 10.1.0 hasta la versi\u00f3n 10.2.4, 11.x en versiones anteriores a 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a HF6, BIG-IP Edge Gateway, WebAccelerator y WOM 10.1.x, 10.2.x en versiones anteriores a 10.2.4 HF13, 11.x en versiones anteriores a 11.2.1 HF15 y 11.3.0, BIG-IP PSM 10.1.x, 10.2.x en versiones anteriores a 10.2.4 HF13, 11.x en versiones anteriores a 11.2.1 HF15, 11.3.x y 11.4.x en versiones anteriores a 11.4.1 HF, Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1, BIG-IQ Cloud and Security 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0 y BIG-IQ ADC 4.5.0 podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de un gran n\u00famero de paquetes UDP manipulados."
    }
  ],
  "id": "CVE-2015-5516",
  "lastModified": "2024-11-21T02:33:11.340",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-01-20T16:59:01.380",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034686"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034687"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034686"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2015-11-06 18:59

Modified

2024-11-21 02:36

Severity ?

Summary

The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1034025
cve@mitre.org	http://www.securitytracker.com/id/1034026
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034025
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034026
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-iq_device	4.2.0
f5	big-iq_device	4.3.0
f5	big-iq_device	4.4.0
f5	big-iq_device	4.5.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.6.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.6.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.6.0
f5	big-iq_security	4.0.0
f5	big-iq_security	4.1.0
f5	big-iq_security	4.2.0
f5	big-iq_security	4.3.0
f5	big-iq_security	4.4.0
f5	big-iq_security	4.5.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_enterprise_manager	3.0.0
f5	big-ip_enterprise_manager	3.1.0
f5	big-ip_enterprise_manager	3.1.1
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-iq_cloud	4.0.0
f5	big-iq_cloud	4.1.0
f5	big-iq_cloud	4.2.0
f5	big-iq_cloud	4.3.0
f5	big-iq_cloud	4.4.0
f5	big-iq_cloud	4.5.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-iq_adc	4.5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code."
    },
    {
      "lang": "es",
      "value": "El m\u00f3dulo del kernel datastor en F5 BIG-IP Analytics, APM, ASM, Link Controller y LTM 11.1.0 en versiones anteriores a 12.0.0, BIG-IP AAM 11.4.0 en versiones anteriores a 12.0.0, BIG-IP AFM, PEM 11.3.0 en versiones anteriores a 12.0.0, BIG-IP Edge Gateway, WebAccelerator y WOM 11.1.0 hasta la versi\u00f3n 11.3.0, BIG-IP GTM 11.1.0 hasta la versi\u00f3n 11.6.0, BIG-IP PSM 11.1.0 hasta la versi\u00f3n 11.4.1, BIG-IQ Cloud and Security 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0, BIG-IQ ADC 4.5.0 y Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio u obtener privilegios mediante el aprovechamiento de permisos para cargar y ejecutar c\u00f3digo."
    }
  ],
  "id": "CVE-2015-7394",
  "lastModified": "2024-11-21T02:36:42.863",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-11-06T18:59:03.407",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034025"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034026"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-06-30 17:59

Modified

2024-11-21 02:53

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/91532	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1036131	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91532	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036131	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	10.2.3
f5	big-ip_wan_optimization_manager	10.2.4
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.5.4
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	11.6.1
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_application_acceleration_manager	12.1.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	10.2.3
f5	big-ip_edge_gateway	10.2.4
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_domain_name_system	12.0.0
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.5.4
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	11.6.1
f5	big-ip_analytics	12.0.0
f5	big-ip_access_policy_manager	10.2.1
f5	big-ip_access_policy_manager	10.2.2
f5	big-ip_access_policy_manager	10.2.3
f5	big-ip_access_policy_manager	10.2.4
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.5.4
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	11.6.1
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_link_controller	10.2.1
f5	big-ip_link_controller	10.2.2
f5	big-ip_link_controller	10.2.3
f5	big-ip_link_controller	10.2.4
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.5.4
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	11.6.1
f5	big-ip_link_controller	12.0.0
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	10.2.3
f5	big-ip_local_traffic_manager	10.2.4
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.5.4
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	11.6.1
f5	big-ip_local_traffic_manager	12.0.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.5.4
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	11.6.1
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.5.4
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	11.6.1
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_global_traffic_manager	10.2.1
f5	big-ip_global_traffic_manager	10.2.2
f5	big-ip_global_traffic_manager	10.2.3
f5	big-ip_global_traffic_manager	10.2.4
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.5.4
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_global_traffic_manager	11.6.1
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	10.2.3
f5	big-ip_application_security_manager	10.2.4
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.5.4
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	11.6.1
f5	big-ip_application_security_manager	12.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script."
    },
    {
      "lang": "es",
      "value": "F5 BIG-IP en versiones anteriores a 12.0.0 HF3 permite a usuarios remotos autenticados modificar la configuraci\u00f3n de cuenta de usuarios con el rol Resource Administration y obtener privilegios a trav\u00e9s de una secuencia de comandos de monitor Extended Application Verification (EAV) externa manipulada."
    }
  ],
  "id": "CVE-2016-5020",
  "lastModified": "2024-11-21T02:53:27.740",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-06-30T17:59:08.970",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91532"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036131"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-08-26 14:59

Modified

2024-11-21 02:53

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/92670	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1036624	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92670	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036624	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.5.4
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	12.0.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.5.4
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	12.0.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.5.4
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_domain_name_system	12.0.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.5.4
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.5.4
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.5.4
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.5.4
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	12.0.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.5.4
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.5.4
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	12.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic."
    },
    {
      "lang": "es",
      "value": "Servidores virtuales en sistemas F5 BIG-IP 11.2.1 HF11 hasta la versi\u00f3n HF15, 11.4.1 HF4 hasta la versi\u00f3n HF10, 11.5.3 hasta la versi\u00f3n 11.5.4, 11.6.0 HF5 hasta la versi\u00f3n HF7 y 12.0.0, cuando se configura con un perfil TCP, permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de Traffic Management Microkernel) a trav\u00e9s de tr\u00e1fico de red manipulado."
    }
  ],
  "id": "CVE-2016-5023",
  "lastModified": "2024-11-21T02:53:28.287",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-26T14:59:01.277",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92670"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036624"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-09-07 19:28

Modified

2024-11-21 02:57

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1036725	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036725	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	10.2.3
f5	big-ip_local_traffic_manager	10.2.4
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.5.4
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	12.0.0
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.5.4
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_global_traffic_manager	10.2.1
f5	big-ip_global_traffic_manager	10.2.2
f5	big-ip_global_traffic_manager	10.2.3
f5	big-ip_global_traffic_manager	10.2.4
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.5.4
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_link_controller	10.2.1
f5	big-ip_link_controller	10.2.2
f5	big-ip_link_controller	10.2.3
f5	big-ip_link_controller	10.2.4
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.5.4
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	12.0.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.5.4
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	10.2.3
f5	big-ip_wan_optimization_manager	10.2.4
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	10.2.3
f5	big-ip_application_security_manager	10.2.4
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.5.4
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	12.0.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.5.4
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_domain_name_system	12.0.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.5.4
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	12.0.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	10.2.3
f5	big-ip_edge_gateway	10.2.4
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_access_policy_manager	10.2.1
f5	big-ip_access_policy_manager	10.2.2
f5	big-ip_access_policy_manager	10.2.3
f5	big-ip_access_policy_manager	10.2.4
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.5.4
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	12.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response."
    },
    {
      "lang": "es",
      "value": "El comando RESOLV::lookup iRule en F5 BIG-IP LTM, APM, ASM y Link Controller 10.2.1 hasta la versi\u00f3n 10.2.4, 11.2.1, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF3; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF3; BIG-IP DNS 12.0.0 en versiones anteriores a HF3; BIG-IP Edge Gateway, WebAccelerator y WOM 10.2.1 hasta la versi\u00f3n 10.2.4 y 11.2.1; BIG-IP GTM 10.2.1 hasta la versi\u00f3n 10.2.4, 11.2.1, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1; y BIG-IP PSM 10.2.1 hasta la versi\u00f3n 10.2.4 y 11.4.0 hasta la versi\u00f3n 11.4.1 permite a servidores DNS remotos provocar una denegaci\u00f3n de servicio (consumo de CPU o ca\u00edda de Traffic Management Microkernel) a trav\u00e9s de una respuesta PTR manipulada."
    }
  ],
  "id": "CVE-2016-6876",
  "lastModified": "2024-11-21T02:57:00.097",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-09-07T19:28:17.927",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036725"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-09-25 01:55

Modified

2025-01-06 19:35

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

References

URL	Tags
cve@mitre.org	http://advisories.mageia.org/MGASA-2014-0393.html	Third Party Advisory
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	Broken Link
cve@mitre.org	http://jvn.jp/en/jp/JVN55667175/index.html	Third Party Advisory
cve@mitre.org	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	Third Party Advisory, VDB Entry
cve@mitre.org	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	Third Party Advisory
cve@mitre.org	http://linux.oracle.com/errata/ELSA-2014-1306.html	Third Party Advisory
cve@mitre.org	http://linux.oracle.com/errata/ELSA-2014-3075.html	Third Party Advisory
cve@mitre.org	http://linux.oracle.com/errata/ELSA-2014-3077.html	Third Party Advisory
cve@mitre.org	http://linux.oracle.com/errata/ELSA-2014-3078.html	Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	Mailing List, Third Party Advisory
cve@mitre.org	http://marc.info/?l=bugtraq&m=141216207813411&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141216668515282&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141235957116749&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141319209015420&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141330425327438&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141330468527613&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141345648114150&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141383026420882&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141383081521087&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141383138121313&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141383196021590&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141383244821813&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141383304022067&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141383353622268&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141383465822787&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141450491804793&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141576728022234&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141577137423233&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141577241923505&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141577297623641&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141585637922673&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141694386919794&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141879528318582&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=141879528318582&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142113462216480&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142113462216480&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142358026505815&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142358026505815&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142358078406056&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142721162228379&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142721162228379&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=142805027510172&w=2	Mailing List
cve@mitre.org	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2014-1306.html	Third Party Advisory
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2014-1311.html	Third Party Advisory
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2014-1312.html	Third Party Advisory
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2014-1354.html	Third Party Advisory
cve@mitre.org	http://seclists.org/fulldisclosure/2014/Oct/0	Mailing List, Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/58200	Broken Link
cve@mitre.org	http://secunia.com/advisories/59272	Broken Link
cve@mitre.org	http://secunia.com/advisories/59737	Broken Link
cve@mitre.org	http://secunia.com/advisories/59907	Broken Link
cve@mitre.org	http://secunia.com/advisories/60024	Broken Link
cve@mitre.org	http://secunia.com/advisories/60034	Broken Link
cve@mitre.org	http://secunia.com/advisories/60044	Broken Link
cve@mitre.org	http://secunia.com/advisories/60055	Broken Link
cve@mitre.org	http://secunia.com/advisories/60063	Broken Link
cve@mitre.org	http://secunia.com/advisories/60193	Broken Link
cve@mitre.org	http://secunia.com/advisories/60325	Broken Link
cve@mitre.org	http://secunia.com/advisories/60433	Broken Link
cve@mitre.org	http://secunia.com/advisories/60947	Broken Link
cve@mitre.org	http://secunia.com/advisories/61065	Broken Link
cve@mitre.org	http://secunia.com/advisories/61128	Broken Link
cve@mitre.org	http://secunia.com/advisories/61129	Broken Link
cve@mitre.org	http://secunia.com/advisories/61188	Broken Link
cve@mitre.org	http://secunia.com/advisories/61283	Broken Link
cve@mitre.org	http://secunia.com/advisories/61287	Broken Link
cve@mitre.org	http://secunia.com/advisories/61291	Broken Link
cve@mitre.org	http://secunia.com/advisories/61312	Broken Link
cve@mitre.org	http://secunia.com/advisories/61313	Broken Link
cve@mitre.org	http://secunia.com/advisories/61328	Broken Link
cve@mitre.org	http://secunia.com/advisories/61442	Broken Link
cve@mitre.org	http://secunia.com/advisories/61471	Broken Link
cve@mitre.org	http://secunia.com/advisories/61479	Broken Link
cve@mitre.org	http://secunia.com/advisories/61485	Broken Link
cve@mitre.org	http://secunia.com/advisories/61503	Broken Link
cve@mitre.org	http://secunia.com/advisories/61550	Broken Link
cve@mitre.org	http://secunia.com/advisories/61552	Broken Link
cve@mitre.org	http://secunia.com/advisories/61565	Broken Link
cve@mitre.org	http://secunia.com/advisories/61603	Broken Link
cve@mitre.org	http://secunia.com/advisories/61618	Broken Link
cve@mitre.org	http://secunia.com/advisories/61619	Broken Link
cve@mitre.org	http://secunia.com/advisories/61622	Broken Link
cve@mitre.org	http://secunia.com/advisories/61626	Broken Link
cve@mitre.org	http://secunia.com/advisories/61633	Broken Link
cve@mitre.org	http://secunia.com/advisories/61641	Broken Link
cve@mitre.org	http://secunia.com/advisories/61643	Broken Link
cve@mitre.org	http://secunia.com/advisories/61654	Broken Link
cve@mitre.org	http://secunia.com/advisories/61676	Broken Link
cve@mitre.org	http://secunia.com/advisories/61700	Broken Link
cve@mitre.org	http://secunia.com/advisories/61703	Broken Link
cve@mitre.org	http://secunia.com/advisories/61711	Broken Link
cve@mitre.org	http://secunia.com/advisories/61715	Broken Link
cve@mitre.org	http://secunia.com/advisories/61780	Broken Link
cve@mitre.org	http://secunia.com/advisories/61816	Broken Link
cve@mitre.org	http://secunia.com/advisories/61855	Broken Link
cve@mitre.org	http://secunia.com/advisories/61857	Broken Link
cve@mitre.org	http://secunia.com/advisories/61873	Broken Link
cve@mitre.org	http://secunia.com/advisories/62228	Broken Link
cve@mitre.org	http://secunia.com/advisories/62312	Broken Link
cve@mitre.org	http://secunia.com/advisories/62343	Broken Link
cve@mitre.org	http://support.apple.com/kb/HT6495	Third Party Advisory
cve@mitre.org	http://support.novell.com/security/cve/CVE-2014-7169.html	Third Party Advisory
cve@mitre.org	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	Third Party Advisory
cve@mitre.org	http://twitter.com/taviso/statuses/514887394294652929	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	Broken Link
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	Broken Link
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	Broken Link
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	Third Party Advisory
cve@mitre.org	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	Broken Link
cve@mitre.org	http://www.debian.org/security/2014/dsa-3035	Mailing List, Third Party Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/252743	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	Broken Link
cve@mitre.org	http://www.novell.com/support/kb/doc.php?id=7015701	Third Party Advisory
cve@mitre.org	http://www.novell.com/support/kb/doc.php?id=7015721	Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2014/09/24/32	Mailing List
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	Patch, Third Party Advisory
cve@mitre.org	http://www.qnap.com/i/en/support/con_show.php?cid=61	Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/533593/100/0/threaded	Broken Link, Third Party Advisory, VDB Entry
cve@mitre.org	http://www.ubuntu.com/usn/USN-2363-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2363-2	Third Party Advisory
cve@mitre.org	http://www.us-cert.gov/ncas/alerts/TA14-268A	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	Third Party Advisory
cve@mitre.org	https://access.redhat.com/articles/1200223	Third Party Advisory
cve@mitre.org	https://access.redhat.com/node/1200223	Third Party Advisory
cve@mitre.org	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	Broken Link
cve@mitre.org	https://kb.bluecoat.com/index?page=content&id=SA82	Broken Link
cve@mitre.org	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	Third Party Advisory
cve@mitre.org	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	Broken Link
cve@mitre.org	https://support.apple.com/kb/HT6535	Third Party Advisory
cve@mitre.org	https://support.citrix.com/article/CTX200217	Third Party Advisory
cve@mitre.org	https://support.citrix.com/article/CTX200223	Permissions Required
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	Third Party Advisory
cve@mitre.org	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	Broken Link
cve@mitre.org	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	Broken Link
cve@mitre.org	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	Third Party Advisory
cve@mitre.org	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	Third Party Advisory
cve@mitre.org	https://www.exploit-db.com/exploits/34879/	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	https://www.suse.com/support/shellshock/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://advisories.mageia.org/MGASA-2014-0393.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN55667175/index.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://linux.oracle.com/errata/ELSA-2014-1306.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://linux.oracle.com/errata/ELSA-2014-3075.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://linux.oracle.com/errata/ELSA-2014-3077.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://linux.oracle.com/errata/ELSA-2014-3078.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141216207813411&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141216668515282&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141235957116749&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141319209015420&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141330425327438&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141330468527613&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141345648114150&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383026420882&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383081521087&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383138121313&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383196021590&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383244821813&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383304022067&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383353622268&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141383465822787&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141450491804793&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141576728022234&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141577137423233&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141577241923505&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141577297623641&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141585637922673&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141694386919794&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141879528318582&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=141879528318582&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142113462216480&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142113462216480&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142358026505815&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142358026505815&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142358078406056&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142721162228379&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142721162228379&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142805027510172&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1306.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1311.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1312.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1354.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2014/Oct/0	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/58200	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59272	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59737	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59907	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60024	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60034	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60044	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60055	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60063	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60193	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60325	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60433	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60947	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61065	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61128	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61129	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61188	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61283	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61287	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61291	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61312	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61313	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61328	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61442	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61471	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61479	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61485	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61503	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61550	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61552	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61565	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61603	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61618	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61619	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61622	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61626	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61633	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61641	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61643	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61654	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61676	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61700	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61703	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61711	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61715	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61780	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61816	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61855	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61857	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61873	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62228	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62312	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62343	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6495	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.novell.com/security/cve/CVE-2014-7169.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://twitter.com/taviso/statuses/514887394294652929	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2014/dsa-3035	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/252743	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/support/kb/doc.php?id=7015701	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/support/kb/doc.php?id=7015721	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/09/24/32	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.qnap.com/i/en/support/con_show.php?cid=61	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/533593/100/0/threaded	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2363-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2363-2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/ncas/alerts/TA14-268A	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/articles/1200223	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/node/1200223	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://kb.bluecoat.com/index?page=content&id=SA82	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT6535	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.citrix.com/article/CTX200217	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.citrix.com/article/CTX200223	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/34879/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.suse.com/support/shellshock/	Third Party Advisory

Impacted products

Vendor	Product	Version
gnu	bash	*
arista	eos	*
arista	eos	*
arista	eos	*
arista	eos	*
arista	eos	*
arista	eos	*
oracle	linux	4
oracle	linux	5
oracle	linux	6
qnap	qts	*
qnap	qts	4.1.1
qnap	qts	4.1.1
mageia	mageia	3.0
mageia	mageia	4.0
redhat	gluster_storage_server_for_on-premise	2.1
redhat	virtualization	3.4
redhat	enterprise_linux	4.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux	6.0
redhat	enterprise_linux	7.0
redhat	enterprise_linux_desktop	5.0
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_eus	5.9
redhat	enterprise_linux_eus	6.4
redhat	enterprise_linux_eus	6.5
redhat	enterprise_linux_eus	7.3
redhat	enterprise_linux_eus	7.4
redhat	enterprise_linux_eus	7.5
redhat	enterprise_linux_eus	7.6
redhat	enterprise_linux_eus	7.7
redhat	enterprise_linux_for_ibm_z_systems	5.9_s390x
redhat	enterprise_linux_for_ibm_z_systems	6.4_s390x
redhat	enterprise_linux_for_ibm_z_systems	6.5_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.3_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.4_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.5_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.6_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.7_s390x
redhat	enterprise_linux_for_power_big_endian	5.0_ppc
redhat	enterprise_linux_for_power_big_endian	5.9_ppc
redhat	enterprise_linux_for_power_big_endian	6.0_ppc64
redhat	enterprise_linux_for_power_big_endian	6.4_ppc64
redhat	enterprise_linux_for_power_big_endian	7.0_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	6.5_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.3_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.4_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.5_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.6_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.7_ppc64
redhat	enterprise_linux_for_scientific_computing	6.0
redhat	enterprise_linux_for_scientific_computing	7.0
redhat	enterprise_linux_server	5.0
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_server_aus	5.6
redhat	enterprise_linux_server_aus	5.9
redhat	enterprise_linux_server_aus	6.2
redhat	enterprise_linux_server_aus	6.4
redhat	enterprise_linux_server_aus	6.5
redhat	enterprise_linux_server_aus	7.3
redhat	enterprise_linux_server_aus	7.4
redhat	enterprise_linux_server_aus	7.6
redhat	enterprise_linux_server_aus	7.7
redhat	enterprise_linux_server_from_rhui	5.0
redhat	enterprise_linux_server_from_rhui	6.0
redhat	enterprise_linux_server_from_rhui	7.0
redhat	enterprise_linux_server_tus	6.5
redhat	enterprise_linux_server_tus	7.3
redhat	enterprise_linux_server_tus	7.6
redhat	enterprise_linux_server_tus	7.7
redhat	enterprise_linux_workstation	5.0
redhat	enterprise_linux_workstation	6.0
redhat	enterprise_linux_workstation	7.0
suse	studio_onsite	1.3
opensuse	opensuse	12.3
opensuse	opensuse	13.1
opensuse	opensuse	13.2
suse	linux_enterprise_desktop	11
suse	linux_enterprise_desktop	12
suse	linux_enterprise_server	10
suse	linux_enterprise_server	10
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	12
suse	linux_enterprise_software_development_kit	11
suse	linux_enterprise_software_development_kit	12
debian	debian_linux	7.0
ibm	infosphere_guardium_database_activity_monitoring	8.2
ibm	infosphere_guardium_database_activity_monitoring	9.0
ibm	infosphere_guardium_database_activity_monitoring	9.1
ibm	pureapplication_system	*
ibm	pureapplication_system	*
ibm	pureapplication_system	2.0.0.0
ibm	qradar_risk_manager	7.1.0
ibm	qradar_security_information_and_event_manager	7.1.0
ibm	qradar_security_information_and_event_manager	7.1.0
ibm	qradar_security_information_and_event_manager	7.1.0
ibm	qradar_security_information_and_event_manager	7.1.1
ibm	qradar_security_information_and_event_manager	7.1.1
ibm	qradar_security_information_and_event_manager	7.1.1
ibm	qradar_security_information_and_event_manager	7.1.1
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.1.2
ibm	qradar_security_information_and_event_manager	7.2
ibm	qradar_security_information_and_event_manager	7.2.0
ibm	qradar_security_information_and_event_manager	7.2.0
ibm	qradar_security_information_and_event_manager	7.2.0
ibm	qradar_security_information_and_event_manager	7.2.0
ibm	qradar_security_information_and_event_manager	7.2.1
ibm	qradar_security_information_and_event_manager	7.2.1
ibm	qradar_security_information_and_event_manager	7.2.1
ibm	qradar_security_information_and_event_manager	7.2.1
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.2
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.3
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.4
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.5
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.6
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.7
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8
ibm	qradar_security_information_and_event_manager	7.2.8.15
ibm	qradar_security_information_and_event_manager	7.2.9
ibm	qradar_vulnerability_manager	7.2.0
ibm	qradar_vulnerability_manager	7.2.1
ibm	qradar_vulnerability_manager	7.2.2
ibm	qradar_vulnerability_manager	7.2.3
ibm	qradar_vulnerability_manager	7.2.4
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.6
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	qradar_vulnerability_manager	7.2.8
ibm	smartcloud_entry_appliance	2.3.0
ibm	smartcloud_entry_appliance	2.4.0
ibm	smartcloud_entry_appliance	3.1.0
ibm	smartcloud_entry_appliance	3.2.0
ibm	smartcloud_provisioning	2.1.0
ibm	software_defined_network_for_virtual_environments	*
ibm	software_defined_network_for_virtual_environments	*
ibm	software_defined_network_for_virtual_environments	*
ibm	starter_kit_for_cloud	2.2.0
ibm	workload_deployer	*
ibm	security_access_manager_for_mobile_8.0_firmware	8.0.0.1
ibm	security_access_manager_for_mobile_8.0_firmware	8.0.0.2
ibm	security_access_manager_for_mobile_8.0_firmware	8.0.0.3
ibm	security_access_manager_for_mobile_8.0_firmware	8.0.0.5
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.1
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.2
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.3
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.4
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.5
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.6
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.7
ibm	security_access_manager_for_web_7.0_firmware	7.0.0.8
ibm	security_access_manager_for_web_8.0_firmware	8.0.0.2
ibm	security_access_manager_for_web_8.0_firmware	8.0.0.3
ibm	security_access_manager_for_web_8.0_firmware	8.0.0.5
ibm	storwize_v7000_firmware	*
ibm	storwize_v7000_firmware	*
ibm	storwize_v7000_firmware	*
ibm	storwize_v7000_firmware	*
ibm	storwize_v7000	-
ibm	storwize_v5000_firmware	*
ibm	storwize_v5000_firmware	*
ibm	storwize_v5000_firmware	*
ibm	storwize_v5000	-
ibm	storwize_v3700_firmware	*
ibm	storwize_v3700_firmware	*
ibm	storwize_v3700_firmware	*
ibm	storwize_v3700	-
ibm	storwize_v3500_firmware	*
ibm	storwize_v3500_firmware	*
ibm	storwize_v3500_firmware	*
ibm	storwize_v3500	-
ibm	flex_system_v7000_firmware	*
ibm	flex_system_v7000_firmware	*
ibm	flex_system_v7000_firmware	*
ibm	flex_system_v7000	-
ibm	san_volume_controller_firmware	*
ibm	san_volume_controller_firmware	*
ibm	san_volume_controller_firmware	*
ibm	san_volume_controller	-
ibm	stn6500_firmware	*
ibm	stn6500_firmware	*
ibm	stn6500_firmware	*
ibm	stn6500	-
ibm	stn6800_firmware	*
ibm	stn6800_firmware	*
ibm	stn6800_firmware	*
ibm	stn6800	-
ibm	stn7800_firmware	*
ibm	stn7800_firmware	*
ibm	stn7800_firmware	*
ibm	stn7800	-
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
novell	zenworks_configuration_management	10.3
novell	zenworks_configuration_management	11
novell	zenworks_configuration_management	11.1
novell	zenworks_configuration_management	11.2
novell	zenworks_configuration_management	11.3.0
novell	open_enterprise_server	2.0
novell	open_enterprise_server	11.0
checkpoint	security_gateway	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_analytics	*
f5	big-ip_analytics	11.6.0
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	11.6.0
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	big-iq_cloud	*
f5	big-iq_device	*
f5	big-iq_security	*
f5	enterprise_manager	*
f5	enterprise_manager	*
f5	traffix_signaling_delivery_controller	*
f5	traffix_signaling_delivery_controller	3.3.2
f5	traffix_signaling_delivery_controller	3.4.1
f5	traffix_signaling_delivery_controller	3.5.1
f5	traffix_signaling_delivery_controller	4.1.0
f5	arx_firmware	*
f5	arx	-
citrix	netscaler_sdx_firmware	*
citrix	netscaler_sdx_firmware	*
citrix	netscaler_sdx_firmware	*
citrix	netscaler_sdx	-
apple	mac_os_x	*
vmware	vcenter_server_appliance	5.0
vmware	vcenter_server_appliance	5.0
vmware	vcenter_server_appliance	5.0
vmware	vcenter_server_appliance	5.1
vmware	vcenter_server_appliance	5.1
vmware	vcenter_server_appliance	5.1
vmware	vcenter_server_appliance	5.5
vmware	vcenter_server_appliance	5.5
vmware	esx	4.0
vmware	esx	4.1

JSON

To clipboard

{
  "cisaActionDue": "2022-07-28",
  "cisaExploitAdd": "2022-01-28",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4DBE402-1B0A-4854-ABE5-891321454C25",
              "versionEndIncluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7",
              "versionEndExcluding": "4.9.12",
              "versionStartIncluding": "4.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0",
              "versionEndExcluding": "4.10.9",
              "versionStartIncluding": "4.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9056776F-03F6-4C3D-8635-37D66FD16EAA",
              "versionEndExcluding": "4.11.11",
              "versionStartIncluding": "4.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6",
              "versionEndExcluding": "4.12.9",
              "versionStartIncluding": "4.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8296875A-64FA-4592-848A-A923126BD8AF",
              "versionEndExcluding": "4.13.9",
              "versionStartIncluding": "4.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "816A16AF-1F5E-483A-AA89-3022818FAE43",
              "versionEndExcluding": "4.14.4f",
              "versionStartIncluding": "4.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8421899-5D10-4C2B-88AA-3DA909FE3E67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
              "matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
              "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649",
              "versionEndExcluding": "4.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "F407EA72-BA1A-41A2-B699-874304A638A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*",
              "matchCriteriaId": "DDA25903-B334-438B-8196-B9E5119199D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC489F35-07F1-4C3E-80B9-78F0689BC54B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CE35FC-266F-4025-A0B8-FB853C020800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6252E88C-27FF-420D-A64A-C34124CF7E6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "804DFF9F-BAA8-4239-835B-6182471A224F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE496C0-35F7-44DC-B3F0-71EA3A613C38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "71179893-49F2-433C-A7AC-687075F9CC1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "37ECC029-3D84-4DD7-B28B-E5AD5559CF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CBED2A-B6B0-420E-BC40-160930D8662E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*",
              "matchCriteriaId": "29BBF1AC-F31F-4251-8054-0D89A8E6E990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8ED0658-5F8F-48F0-A605-A2205DA27DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "C385DA76-4863-4D39-84D2-9D185D322365",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB6ADFB8-210D-4E46-82A2-1C8705928382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8821E5FE-319D-40AB-A515-D56C1893E6F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
              "matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
              "matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*",
              "matchCriteriaId": "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
              "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "94C9C346-6DEC-4C72-9F59-BB3BEC42B551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2071DABB-7102-47F2-A15F-A6C03607D01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8661E86-E075-427F-8E05-7A33811A3A76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E",
              "versionEndIncluding": "1.0.0.4",
              "versionStartIncluding": "1.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "054736AF-96E0-491D-B824-CC4A35B76E14",
              "versionEndIncluding": "1.1.0.4",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E476AEB-AD38-4033-8426-DC502497D75A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*",
              "matchCriteriaId": "20981443-6A64-4852-B2CB-3299927C6F78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*",
              "matchCriteriaId": "59761BB8-FCC7-4D15-88A8-82076CCF196F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "CF399B2E-8413-4B80-A0C0-E61E8A0A8604",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "230EBA53-66AF-432B-B4C1-08D8FC903B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*",
              "matchCriteriaId": "EF102659-B067-473E-AA37-EA90A82D1864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "81DF915D-D764-4C21-B213-0ADFD844E9DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C29A4119-A992-4713-85D6-4FDED7CD416A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*",
              "matchCriteriaId": "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*",
              "matchCriteriaId": "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*",
              "matchCriteriaId": "F03006B7-037B-491F-A09F-DEB2FF076754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*",
              "matchCriteriaId": "FE78AED4-AD60-406C-82E0-BA52701B49BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3D0B71F0-CCED-4E23-989A-3E9E2D71307C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "5CF8FC22-C556-451C-B928-F5AF8DF4BF45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*",
              "matchCriteriaId": "081D3B14-45F6-4F96-944B-94D967FEFA26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*",
              "matchCriteriaId": "D922DC5A-63F6-4188-BCDE-BB987402E47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*",
              "matchCriteriaId": "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*",
              "matchCriteriaId": "C2BCC22C-A32B-4945-AFBC-777DBE248FB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*",
              "matchCriteriaId": "92F92890-63B0-4918-A147-8852B6E2FA8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "ED0B143A-5386-4375-AEB2-48619B2B1EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*",
              "matchCriteriaId": "E7ECA734-9E95-484F-B880-2491A0E2531B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*",
              "matchCriteriaId": "5D7CD9E9-033C-44B8-A68C-47AC260873E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*",
              "matchCriteriaId": "07B660DC-A94F-48F0-A2F4-1C39CC4751A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "329C8551-98D1-4255-B598-9E75A071C186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "FD0687B7-F374-4368-AD9E-041123B23A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D0330E77-454E-4E77-9628-50681B748491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "3863726E-15AD-4A47-85CB-0C9965E76EF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D1F35447-889F-4CE9-9473-87046B4707EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*",
              "matchCriteriaId": "A3A5DFC0-BBD7-430C-A026-E1F34E08894D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "141E8F6A-3998-4F22-A717-3F52BC998F97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*",
              "matchCriteriaId": "F09AA197-BB55-4CF0-AC29-4449C07DE510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3E468E33-B183-4830-97E2-EAF9FD3758E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*",
              "matchCriteriaId": "738C8F2B-3D3E-4E1F-977A-05D3A39F115D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*",
              "matchCriteriaId": "1ED03E83-909B-423F-81F2-34AB7F24BBE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "9778E8AA-A034-4B04-A42E-6A182378C7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*",
              "matchCriteriaId": "AEE15598-4064-4E31-86BA-7851AA4B76C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*",
              "matchCriteriaId": "59FE3789-FB47-4939-B9AA-86D203445526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*",
              "matchCriteriaId": "2F96389A-82B9-42DE-8E93-D2B2EE610F7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*",
              "matchCriteriaId": "3131CDA5-1C4D-489C-8788-FA396F8ADB2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DCC7DF3E-658C-41D7-A4AC-433440A02092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*",
              "matchCriteriaId": "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*",
              "matchCriteriaId": "D6870C1E-E4A4-4666-89DB-D72C8100D27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*",
              "matchCriteriaId": "BE183CA0-FFBB-4746-8BBE-5D1910DD2100",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D04B5EBF-C94C-4A44-9A7E-75623CAF832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*",
              "matchCriteriaId": "5723FDF4-198B-488E-B075-F528EC6E4D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*",
              "matchCriteriaId": "7E23A972-5BCA-4C7E-B6F9-AD54992861A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*",
              "matchCriteriaId": "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "BFE4D0FF-6445-4E14-9536-ADB32662B346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*",
              "matchCriteriaId": "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*",
              "matchCriteriaId": "9AC763FD-C143-4CA3-9A24-D50C9ED243D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*",
              "matchCriteriaId": "299C6CBE-905F-4E59-AF2F-89A1CD767916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*",
              "matchCriteriaId": "78538461-1B7E-4712-AA8D-D2EA3477635B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*",
              "matchCriteriaId": "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*",
              "matchCriteriaId": "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "5725106C-A650-4C24-9636-1200BD44CCA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*",
              "matchCriteriaId": "F1501425-96F7-487B-9588-FDA2DAC3790A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*",
              "matchCriteriaId": "48D95998-9434-4AFF-9983-0D7AC34176A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D60BB309-860D-4D74-B08F-F94AFE84C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*",
              "matchCriteriaId": "F63E864E-6323-41B4-956F-51F9364DFAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "EC724282-7431-465E-8E60-4037121B8838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "73151221-C102-4425-9316-1EE4CAAB6531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*",
              "matchCriteriaId": "D1E9DDCD-6D22-4175-94EF-D8A5457E7355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*",
              "matchCriteriaId": "35AB906F-43CD-4D54-8274-1FD551532E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*",
              "matchCriteriaId": "1ADC75F0-B27E-4B15-B829-482FBA0063A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*",
              "matchCriteriaId": "D015D670-8AEA-49A3-8D22-9E3009322EB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*",
              "matchCriteriaId": "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*",
              "matchCriteriaId": "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*",
              "matchCriteriaId": "28CE650B-BE03-4EDF-BE27-2FA6657F7A52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "2356A4E6-561B-40CA-8348-B30D581B1E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "74509F3F-840E-48B8-88B1-EA4FFB90ACC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "BE7BD528-628F-4CA9-9FE8-8A79BDC97680",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*",
              "matchCriteriaId": "26118C2B-78CC-4038-9DEA-7A9417029790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*",
              "matchCriteriaId": "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*",
              "matchCriteriaId": "4F445D93-D482-4A74-810D-66D78CBCAFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*",
              "matchCriteriaId": "2C9F200C-ECC9-4D51-AFE7-E99C16D09148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*",
              "matchCriteriaId": "56B87CB5-0F77-4040-BB58-9DBF5723A4FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4B3321B-11AD-43EB-867C-FA4FA6A5421E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4975223D-9E31-4CEC-A4B6-C0996828B855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C15C820B-4778-4B8F-8BD8-E996F1D4062D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42E70EE-2E23-4D92-ADE0-9177B9EDD430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C91446-4A36-4FCE-A973-3E6F813FABC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*",
              "matchCriteriaId": "58281E62-E350-4B0D-9322-8BA1E1773CB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*",
              "matchCriteriaId": "BF1A152E-5795-4319-BD4D-855DE19C744C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*",
              "matchCriteriaId": "438FCE7F-035A-4D89-96FE-EE5278C85493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*",
              "matchCriteriaId": "80900F2C-7CFA-4C40-A6B5-51E12C3DA187",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*",
              "matchCriteriaId": "33F900E6-AE47-4789-A337-70C6BEF22895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*",
              "matchCriteriaId": "AD2E5054-2151-414D-A88F-6697FF280D41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "3EB09361-372E-4F51-B255-C7D2DB41969F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "A36D6991-3728-4F60-A443-37652DFAA053",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*",
              "matchCriteriaId": "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*",
              "matchCriteriaId": "63C0F7CA-5F3C-41D4-AAD6-084643115D85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*",
              "matchCriteriaId": "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*",
              "matchCriteriaId": "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*",
              "matchCriteriaId": "45CD14D8-665A-46C5-8387-33FF266822A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*",
              "matchCriteriaId": "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*",
              "matchCriteriaId": "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*",
              "matchCriteriaId": "6A846C69-CA94-4F5E-9E02-69EA6680549E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "7AAEE176-631A-41B9-BC40-93F866DA9D5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*",
              "matchCriteriaId": "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*",
              "matchCriteriaId": "9388D932-9818-4A68-9543-B0643166DB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*",
              "matchCriteriaId": "770A9287-C910-4690-9402-0C0B7BAC8912",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*",
              "matchCriteriaId": "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*",
              "matchCriteriaId": "B503F1F7-F439-420D-B465-9A51CCECAB06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27948B08-C452-41FB-B41F-6ADB3AAE087E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D7F2743-71BB-4011-B919-7E8032B6B72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*",
              "matchCriteriaId": "3738FAC6-B90B-4014-9E86-17ED6D19D23D",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*",
              "matchCriteriaId": "35B6634E-4F09-423C-87E7-59D4127CC023",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*",
              "matchCriteriaId": "0A7A7100-A1DA-4191-A4C1-D930829A3DC2",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83739ED7-37F1-4712-8C81-E56F58790240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CDD227E-1F98-4F73-BB65-3820F39127F0",
              "versionEndIncluding": "3.1.0.7",
              "versionStartIncluding": "3.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB18F38-AC6A-406A-A4DD-40688B803744",
              "versionEndExcluding": "1.4.3.5",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB",
              "versionEndExcluding": "1.5.0.4",
              "versionStartIncluding": "1.5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4EF774-BD92-444D-9583-25DB97CDA4F3",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB9850A-3308-4277-A68C-AD418612101E",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C84D7A48-6745-49D3-AE52-31DD7EEC0D61",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A1A3A3E-5636-4422-9B7B-B3D97989E674",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7384B993-049F-48D7-86D6-FE221C783245",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1DF6129-9CEA-4812-800F-A6FD5095D60E",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79788A89-4152-4B4B-BFF0-518D90EE4D2B",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "680738C5-63D5-4F60-9610-FD0D87FCBBCA",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "872E2102-6BE6-42B6-93B0-942B7DABCBDA",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E31991-DF33-4F00-8430-7B626E8174CE",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E25BB0-6F5A-4A7B-9147-D4E17014C747",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80C1675-4948-45DC-B593-EDB1354E42F3",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDEC166F-A967-4616-B9EF-503054EFD197",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713E71BC-16F5-41E3-9816-74D5E8D8C9A9",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D2487E0-046C-476F-BFF4-EF77D9E856D8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0287F3CD-2151-491D-8BC3-6D3921BE8FFA",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4179899-87B4-42C3-8245-9A34EC04F6A1",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8CED766-9742-4037-8005-F0BDDE9176DD",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41EEAEC-08AE-4478-8977-5A4D7B48C175",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "298C961D-5E5F-4277-B192-A4C29243BECC",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0663FBC-01C0-4AD8-A0B8-6097E537D352",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE145DE3-3C9B-4949-B6D4-9B259372CCE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ABC25E5-76CD-469B-879A-B1F7109D0181",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "98942F6C-330F-459A-B2B4-72572DB4070E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C0BAB94-6521-4B57-9E56-A57BA5E20C24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7788E5-93B9-4149-8823-2ACBA5CF17E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*",
              "matchCriteriaId": "B41B4ECD-6F30-46F5-A559-1CEFC7964873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*",
              "matchCriteriaId": "D42ADCD9-1455-401C-B94F-D367A78A2B97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2853A787-E5F1-4455-9482-7C538B80556C",
              "versionEndExcluding": "r77.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AEB1FC5-1179-4DE9-99A2-D650167A7A60",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1343FBDC-4BF0-403B-B257-96672F092263",
              "versionEndIncluding": "4.0.5",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C138527-73D3-4AEE-BFAB-1D240A585A0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F2EB3D6-EF4C-4241-A31E-3990664004A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D1168D2-93D5-4415-A666-B4BE0B2AC201",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A2FBA9-207F-4F16-932D-BF0BA3440503",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C6AC80F-9D91-468D-BEE3-6A0759723673",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680",
              "versionEndExcluding": "9.3.67.5r1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "665EF643-3CDC-4518-9693-0D49F0870283",
              "versionEndExcluding": "10.1.129.11r1",
              "versionStartIncluding": "10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAE3CC45-49E5-40DE-B5C3-52A754A9C599",
              "versionEndExcluding": "10.5.52.11r1",
              "versionStartIncluding": "10.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8968E39A-1E16-4B7F-A16A-190EBC20D04F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "864B5480-704F-4636-A938-7D95AD4223AD",
              "versionEndExcluding": "10.10.0",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D34345-0AD1-499C-9A74-982B2D3F305A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECF06B5-3915-48F0-A140-41C7A27EE99D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "BBD8B161-0A07-492F-89E4-7A0BD02F6464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "29DF8DD7-B5CC-4152-A726-1D48459068D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
    },
    {
      "lang": "es",
      "value": "GNU Bash hasta 4.3 bash43-025 procesa cadenas finales despu\u00e9s de la definici\u00f3n malformada de funciones en los valores de variables de entorno, lo que permite a atacantes remotos escribir hacia ficheros o posiblemente tener otro impacto desconocido a trav\u00e9s de un entorno manipulado, tal y como se ha demostrado por vectores que involucran la caracter\u00edstica ForceCommand en sshd OpenSSH, los m\u00f3dulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en la cual establecer el entorno ocurre a trav\u00e9s de un l\u00edmite privilegiado de la ejecuci\u00f3n de Bash. Nota: Esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2014-6271."
    }
  ],
  "id": "CVE-2014-7169",
  "lastModified": "2025-01-06T19:35:05.427",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2014-09-25T01:55:04.367",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/58200"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59272"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59737"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59907"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60024"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60034"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60044"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60055"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60063"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60193"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60325"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60433"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60947"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61065"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61128"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61129"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61188"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61283"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61287"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61291"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61312"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61313"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61328"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61442"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61471"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61479"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61485"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61503"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61550"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61552"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61565"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61603"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61618"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61619"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61622"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61626"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61633"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61641"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61643"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61654"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61676"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61700"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61703"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61711"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61715"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61780"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61816"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61855"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61857"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61873"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62228"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62312"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62343"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6495"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://twitter.com/taviso/statuses/514887394294652929"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3035"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252743"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2363-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2363-2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/articles/1200223"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/node/1200223"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6535"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX200217"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://support.citrix.com/article/CTX200223"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/34879/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.suse.com/support/shellshock/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/58200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59737"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60325"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61188"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61485"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61550"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61565"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61626"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61643"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61700"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61715"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61855"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://twitter.com/taviso/statuses/514887394294652929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3035"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2363-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2363-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/articles/1200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/node/1200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX200217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://support.citrix.com/article/CTX200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/34879/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.suse.com/support/shellshock/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2012-05-24 23:55

Modified

2024-11-21 01:29

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Summary

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

References

URL	Tags
secalert@redhat.com	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
secalert@redhat.com	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f
secalert@redhat.com	http://marc.info/?l=bugtraq&m=139447903326211&w=2	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1	Mailing List, Patch, Vendor Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/23/2	Mailing List, Patch, Third Party Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=732658	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec	Patch, Third Party Advisory
secalert@redhat.com	https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f	Patch, Third Party Advisory
secalert@redhat.com	https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=139447903326211&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1	Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/23/2	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=732658	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
redhat	enterprise_linux	4.0
f5	arx	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_analytics	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	enterprise_manager	*
f5	enterprise_manager	3.0.0
f5	firepass	*
f5	firepass	7.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "156989A4-23D9-434A-B512-9C0F3583D13D",
              "versionEndExcluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F20E6644-F925-4283-AD92-7B0696F52310",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0483E71B-931F-4566-AD6F-D5ABF64FFA06",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A1E3F1-F319-4A75-9211-29B273E76F03",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EDED2D2-B85B-4680-9970-A6CE3343422C",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06D3514D-B1C2-4304-96DA-A84847104AF6",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "142D050F-0D22-4D21-AB14-3AD0500A6D3F",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFC44375-AF21-4438-9FF9-244095DEA2B7",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "412829BD-A98B-4AD5-8B93-2C4C20AC15D8",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7C328A-E18A-425E-B38F-996CC96D402E",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1DB046D-1AC3-4F5C-95BF-31BBCE1C44BE",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD1D6A6-50A8-4794-8C7B-E3C3BC48A262",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CE213B-F42C-4C2E-AFBD-852AB049FF8A",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets."
    },
    {
      "lang": "es",
      "value": "Las implementaciones de (1) IPv4 y (2) IPv6 en el kernel de Linux antes de v3.1 utiliza una versi\u00f3n modificada de algoritmo MD4 para generar n\u00fameros de secuencia y valores de los fragmentos de identificaci\u00f3n, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos causar una denegaci\u00f3n de servicio (red interrumpida) o secuestrar sesiones de red mediante la predicci\u00f3n de estos valores y el env\u00edo de paquetes manipulados."
    }
  ],
  "id": "CVE-2011-3188",
  "lastModified": "2024-11-21T01:29:56.183",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2012-05-24T23:55:02.213",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-04-13 16:59

Modified

2024-11-21 02:47

Severity ?

7.4 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

Summary

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1035520
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035520
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-iq_security	4.2.0
f5	big-iq_security	4.3.0
f5	big-iq_security	4.4.0
f5	big-iq_security	4.5.0
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.5.4
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	12.0.0
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.5.4
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.5.4
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-iq_cloud	4.2.0
f5	big-iq_cloud	4.3.0
f5	big-iq_cloud	4.4.0
f5	big-iq_cloud	4.5.0
f5	big-iq_application_delivery_controller	4.5.0
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.5.4
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.5.4
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	12.0.0
f5	big-iq_device	4.2.0
f5	big-iq_device	4.3.0
f5	big-iq_device	4.4.0
f5	big-iq_device	4.5.0
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.5.4
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.5.4
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.5.4
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	12.0.0
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.5.4
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	12.0.0
f5	big-ip_domain_name_system	12.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration."
    },
    {
      "lang": "es",
      "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Lenk Controller y PEM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 build 685-HF10, 11.5.1 en versiones anteriores a build 10.104.180, 11.5.2 en versiones anteriores a 11.5.4 build 0.1.256, 11.6.0 en versiones anteriores a build 6.204.442 y 12.0.0 en versiones anteriores a build 1.14.628; BIG-IP AAM 11.4.x en versiones anteriores a 11.4.1 build 685-HF10, 11.5.1 en versiones anteriores a build 10.104.180, 11.5.2 en versiones anteriores a 11.5.4 build 0.1.256, 11.6.0 en versiones anteriores a build 6.204.442 y 12.0.0 en versiones anteriores a build 1.14.628; BIG-IP DNS 12.0.0 en versiones anteriores a build 1.14.628; BIG-IP Edge Gateway, WebAccelerator y WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 build 685-HF10, 11.5.1 en versiones anteriores a build 10.104.180, 11.5.2 en versiones anteriores a 11.5.4 build 0.1.256 y 11.6.0 en versiones anteriores a build 6.204.442; BIG-IP PSM 11.3.x y 11.4.x en versiones anteriores a 11.4.1 build 685-HF10; BIG-IQ Cloud, Device y Security 4.2.0 hasta la versi\u00f3n 4.5.0 y BIG-IQ ADC 4.5.0 no regenera correctamente certificados y claves cuando despliega im\u00e1genes en la nube en Amazon Web Services (AWS), Azure o entornos de servicios en al nube de Verizon, lo que permite a atacantes obtener informaci\u00f3n sensible o provocar una denegaci\u00f3n de servicio (interrupci\u00f3n) aprovechando una configuraci\u00f3n de instancia de objetivo."
    }
  ],
  "id": "CVE-2016-2084",
  "lastModified": "2024-11-21T02:47:46.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-04-13T16:59:10.160",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1035520"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035520"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-11-01 23:55

Modified

2024-11-21 02:13

Severity ?

Summary

Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements.

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html	Exploit
cve@mitre.org	http://seclists.org/fulldisclosure/2014/Oct/128
cve@mitre.org	http://seclists.org/fulldisclosure/2014/Oct/129
cve@mitre.org	http://seclists.org/fulldisclosure/2014/Oct/130
cve@mitre.org	http://www.securityfocus.com/bid/70834	Exploit
cve@mitre.org	http://www.securitytracker.com/id/1031144
cve@mitre.org	http://www.securitytracker.com/id/1031145
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/98402
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/98403
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html	Vendor Advisory
cve@mitre.org	https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/
cve@mitre.org	https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2014/Oct/128
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2014/Oct/129
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2014/Oct/130
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/70834	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1031144
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1031145
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/98402
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/98403
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/
af854a3a-2127-422b-91ae-364da2661108	https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/

Impacted products

Vendor	Product	Version
f5	big-ip_protocol_security_module	10.0.0
f5	big-ip_protocol_security_module	10.1.0
f5	big-ip_protocol_security_module	10.2.0
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_global_traffic_manager	10.0.0
f5	big-ip_global_traffic_manager	10.1.0
f5	big-ip_global_traffic_manager	10.2.0
f5	big-ip_global_traffic_manager	10.2.1
f5	big-ip_global_traffic_manager	10.2.2
f5	big-ip_global_traffic_manager	10.2.3
f5	big-ip_global_traffic_manager	10.2.4
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_wan_optimization_manager	10.0.0
f5	big-ip_wan_optimization_manager	10.1.0
f5	big-ip_wan_optimization_manager	10.2.0
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	10.2.3
f5	big-ip_wan_optimization_manager	10.2.4
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_security_manager	10.0.0
f5	big-ip_application_security_manager	10.1.0
f5	big-ip_application_security_manager	10.2.0
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	10.2.3
f5	big-ip_application_security_manager	10.2.4
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_webaccelerator	10.0.0
f5	big-ip_webaccelerator	10.1.0
f5	big-ip_webaccelerator	10.2.0
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.6.0
f5	big-ip_link_controller	10.0.0
f5	big-ip_link_controller	10.1.0
f5	big-ip_link_controller	10.2.0
f5	big-ip_link_controller	10.2.1
f5	big-ip_link_controller	10.2.2
f5	big-ip_link_controller	10.2.3
f5	big-ip_link_controller	10.2.4
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.6.0
f5	big-ip_application_security_manager	10.0.0
f5	big-ip_application_security_manager	10.1.0
f5	big-ip_application_security_manager	10.2.0
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	10.2.3
f5	big-ip_application_security_manager	10.2.4
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.6.0
f5	enterprise_manager	3.0.0
f5	enterprise_manager	3.1.0
f5	enterprise_manager	3.1.1
f5	enterprise_manager	2.1.0
f5	enterprise_manager	2.2.0
f5	enterprise_manager	2.3.0
f5	big-ip_local_traffic_manager	10.0.0
f5	big-ip_local_traffic_manager	10.1.0
f5	big-ip_local_traffic_manager	10.2.0
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	10.2.3
f5	big-ip_local_traffic_manager	10.2.4
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_edge_gateway	10.1.0
f5	big-ip_edge_gateway	10.2.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	10.2.3
f5	big-ip_edge_gateway	10.2.4
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE619B40-18EB-4F01-A416-63A66577F14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "003DFFC0-C51B-43B8-897A-6AD71A7B60FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "05803D5C-15CD-4600-9703-951D28173E49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades XXE en la utilidad Configuration en F5 BIG-IP LTM, ASM, GTM y Link Controller 11.0 hasta la versi\u00f3n 11.6.0 and 10.0.0 hasta la versi\u00f3n 10.2.4, AAM 11.4.0 hasta la versi\u00f3n 11.6.0, ARM 11.3.0 hasta la versi\u00f3n 11.6.0, Analytics 11.0.0 hasta la versi\u00f3n 11.6.0, APM y Edge Gateway 11.0.0 hasta la versi\u00f3n 11.6.0 and 10.1.0 hasta la versi\u00f3n 10.2.4, PEM 11.3.0 hasta la versi\u00f3n 11.6.0, PSM 11.0.0 hasta la versi\u00f3n 11.4.1 y 10.0.0 hasta la versi\u00f3n 10.2.4 y WOM 11.0.0 hasta la versi\u00f3n 11.3.0 y 10.0.0 hasta la versi\u00f3n 10.2.4 y Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1 y 2.1.0 hasta la versi\u00f3n 2.3.0 permiten a usuarios remotos autenticados leer archivos arbitrarios y causar una denegaci\u00f3n de servicio a trav\u00e9s de una petici\u00f3n manipulada, seg\u00fan lo demostrado usando elementos (1) viewlist o (2) deal."
    }
  ],
  "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/611.html\"\u003eCWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)\u003c/a\u003e",
  "id": "CVE-2014-6032",
  "lastModified": "2024-11-21T02:13:37.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-11-01T23:55:09.587",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/70834"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1031144"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1031145"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/70834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-08-19 21:59

Modified

2024-11-21 02:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1036627	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036627	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.6.0
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.6.0
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_websafe	11.6.0
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads."
    },
    {
      "lang": "es",
      "value": "La utilidad Configuration en F5 BIG-IP LTM, Analytics, APM, ASM, GTM y Link Controller 11.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP AAM 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP AFM y PEM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP Edge Gateway, WebAccelerator y WOM 11.x en versiones anteriores a 11.2.1 HF16 y 11.3.0; y BIG-IP PSM 11.x en versiones anteriores a 11.2.1 HF16, 11.3.x y 11.4.x en versiones anteriores a 11.4.1 HF10 permite a usuarios remotos autenticados con ciertos permisos obtener privilegios aprovechando una secci\u00f3n de configuraci\u00f3n de personalizaci\u00f3n Access Policy Manager que permite la carga de archivos."
    }
  ],
  "id": "CVE-2015-8022",
  "lastModified": "2024-11-21T02:37:51.600",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.5,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-19T21:59:01.243",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036627"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036627"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-01-30 15:06

Modified

2024-11-21 01:40

Severity ?

Summary

Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter.

References

URL	Tags
cret@cert.org	http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html
cret@cert.org	http://osvdb.org/89446
cret@cert.org	http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html
cret@cert.org	http://secunia.com/advisories/51867	Vendor Advisory
cret@cert.org	http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html
cret@cert.org	http://www.securityfocus.com/bid/57500
cret@cert.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/81457
cret@cert.org	https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/89446
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51867	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/57500
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/81457
af854a3a-2127-422b-91ae-364da2661108	https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt

Impacted products

Vendor	Product	Version
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:hf1:*:*:*:*:*:*",
              "matchCriteriaId": "EACC4566-B29A-41DD-A568-7A3E1F1CDBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:hf2:*:*:*:*:*:*",
              "matchCriteriaId": "BD3700DB-FF49-4B44-8480-77ABC4C287E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:hf1:*:*:*:*:*:*",
              "matchCriteriaId": "6A3F75C1-864F-4F20-AAF3-29DAA5F3B421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:hf2:*:*:*:*:*:*",
              "matchCriteriaId": "E752C74C-BE49-45EA-8ACC-C0ACBF3A795C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:hf1:*:*:*:*:*:*",
              "matchCriteriaId": "9AED0FFD-DFF4-431D-A189-DCD1F00600D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:hf2:*:*:*:*:*:*",
              "matchCriteriaId": "CEE80F37-A5A9-4276-83D4-13F65101A4E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:standalone",
              "matchCriteriaId": "B724E2E6-D28A-4F6F-BF9D-D40AE970C43F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:standalone",
              "matchCriteriaId": "CCDCC772-50EC-4709-A042-AED38B17A0CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:standalone",
              "matchCriteriaId": "52B45A67-64B1-44DE-AF6A-AE8448A99BC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:standalone",
              "matchCriteriaId": "2EED459F-7CF2-49FF-9D67-AB9DDD7ACE9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n de SQL en sam/admin/reports/php/saveSettings.php en el APM WebGUI de F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, y Analytics y (2) AVR WebGUI en WebAccelerator y WOM 11.2.x anterior a la versi\u00f3n 11.2.0-HF3 y 11.2.x anterior a 11.2.1-HF3 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro defaultQuery."
    }
  ],
  "id": "CVE-2012-3000",
  "lastModified": "2024-11-21T01:40:05.820",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-01-30T15:06:21.767",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://osvdb.org/89446"
    },
    {
      "source": "cret@cert.org",
      "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/51867"
    },
    {
      "source": "cret@cert.org",
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/57500"
    },
    {
      "source": "cret@cert.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/89446"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/51867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/57500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-03-11 13:01

Modified

2024-11-21 02:01

Severity ?

Summary

The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.

References

URL	Tags
secalert@redhat.com	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-0328.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-0419.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-0432.html	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/59216	Third Party Advisory
secalert@redhat.com	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html	Third Party Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2014/03/04/6	Mailing List, Patch, Third Party Advisory
secalert@redhat.com	http://www.securityfocus.com/bid/65943	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2173-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2174-1	Third Party Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1070705	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-0328.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-0419.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-0432.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59216	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/03/04/6	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/65943	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2173-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2174-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1070705	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_eus	6.3
redhat	enterprise_linux_eus	6.4
redhat	enterprise_linux_eus	6.5
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server_aus	6.4
redhat	enterprise_linux_server_aus	6.5
redhat	enterprise_linux_server_tus	6.5
redhat	enterprise_linux_workstation	6.0
canonical	ubuntu_linux	10.04
f5	big-ip_access_policy_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_analytics	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_edge_gateway	*
f5	big-ip_enterprise_manager	*
f5	big-ip_enterprise_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-iq_adc	4.5.0
f5	big-iq_centralized_management	4.6.0
f5	big-iq_cloud	*
f5	big-iq_device	*
f5	big-iq_security	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E9005C-26CB-4056-8F6B-98C7FDF2F7B9",
              "versionEndExcluding": "3.2.56",
              "versionStartIncluding": "2.6.24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2869AF87-7E94-4E08-8EF9-8C62F663EC82",
              "versionEndExcluding": "3.4.84",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67836467-8BEF-44A1-B031-98EFBA19F38C",
              "versionEndExcluding": "3.10.34",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AE2B033-586E-48AC-95DC-880018601DFC",
              "versionEndExcluding": "3.12.15",
              "versionStartIncluding": "3.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13865A2-6E9A-4FFE-A1C2-02B75D66C207",
              "versionEndExcluding": "3.13.7",
              "versionStartIncluding": "3.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F876CB01-E4E3-461B-BF67-F993D3C058B9",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF513AF7-A3D9-46E0-BDCF-A4C9F6DDE83E",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0D2EAFC-436A-4553-B688-268EF5610499",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D62DE9-6693-474F-A2F4-9F53A06F5663",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA78FF31-4D4A-402D-9C3C-61DC9B14A790",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "980317BB-165F-4804-926E-9973BC16E28A",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23AEA33F-71CC-473F-86A4-C120532928DE",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE25317-09BF-46D2-934B-2D05B1390EFA",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2CBEB8A-617C-470F-BF49-10BE16FBFA97",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C8165D3-9160-4947-B1DF-226698B39E90",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A63021EE-71D7-4CB3-AEDD-90A890FD5959",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n sctp_sf_do_5_1D_ce en net/sctp/sm_statefuns.c en el kernel de Linux hasta la versi\u00f3n 3.13.6 no valida ciertos campos auth_enable y auth_capable antes de hacer una llamada sctp_sf_authenticate, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda del sistema) a trav\u00e9s de un SCTP handshake con un fragmento INIT modificado y un fragmento AUTH manipulado anterior a un fragmento COOKIE_ECHO."
    }
  ],
  "id": "CVE-2014-0101",
  "lastModified": "2024-11-21T02:01:22.173",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-03-11T13:01:06.733",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59216"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/65943"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2173-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2174-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/65943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2173-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2174-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-10-15 14:55

Modified

2024-11-21 02:07

Severity ?

Summary

The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.

References

URL	Tags
cret@cert.org	http://www.exploit-db.com/exploits/34465	Exploit
cret@cert.org	http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf	Exploit
cret@cert.org	https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/34465	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	arx	6.0.0
f5	arx	6.1.0
f5	arx	6.1.1
f5	arx	6.2.0
f5	arx	6.3.0
f5	arx	6.4.0
f5	big-ip_access_policy_manager	10.1.0
f5	big-ip_access_policy_manager	10.2.0
f5	big-ip_access_policy_manager	10.2.1
f5	big-ip_access_policy_manager	10.2.2
f5	big-ip_access_policy_manager	10.2.3
f5	big-ip_access_policy_manager	10.2.4
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.6.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_security_manager	10.0.0
f5	big-ip_application_security_manager	10.0.1
f5	big-ip_application_security_manager	10.1.0
f5	big-ip_application_security_manager	10.2.0
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	10.2.3
f5	big-ip_application_security_manager	10.2.4
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_edge_gateway	10.1.0
f5	big-ip_edge_gateway	10.2.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	10.2.3
f5	big-ip_edge_gateway	10.2.4
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_global_traffic_manager	10.0.0
f5	big-ip_global_traffic_manager	10.0.1
f5	big-ip_global_traffic_manager	10.1.0
f5	big-ip_global_traffic_manager	10.2.0
f5	big-ip_global_traffic_manager	10.2.1
f5	big-ip_global_traffic_manager	10.2.2
f5	big-ip_global_traffic_manager	10.2.3
f5	big-ip_global_traffic_manager	10.2.4
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_link_controller	10.0.0
f5	big-ip_link_controller	10.0.1
f5	big-ip_link_controller	10.1.0
f5	big-ip_link_controller	10.2.0
f5	big-ip_link_controller	10.2.1
f5	big-ip_link_controller	10.2.2
f5	big-ip_link_controller	10.2.3
f5	big-ip_link_controller	10.2.4
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.6.0
f5	big-ip_local_traffic_manager	10.0.0
f5	big-ip_local_traffic_manager	10.0.1
f5	big-ip_local_traffic_manager	10.1.0
f5	big-ip_local_traffic_manager	10.2.0
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	10.2.3
f5	big-ip_local_traffic_manager	10.2.4
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_local_traffic_manager	11.1.0
f5	big-ip_local_traffic_manager	11.2.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_protocol_security_module	10.0.0
f5	big-ip_protocol_security_module	10.0.1
f5	big-ip_protocol_security_module	10.1.0
f5	big-ip_protocol_security_module	10.2.0
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_wan_optimization_manager	10.0.0
f5	big-ip_wan_optimization_manager	10.0.1
f5	big-ip_wan_optimization_manager	10.1.0
f5	big-ip_wan_optimization_manager	10.2.0
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	10.2.3
f5	big-ip_wan_optimization_manager	10.2.4
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_webaccelerator	10.0.0
f5	big-ip_webaccelerator	10.0.1
f5	big-ip_webaccelerator	10.1.0
f5	big-ip_webaccelerator	10.2.0
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-iq_cloud	4.0.0
f5	big-iq_cloud	4.1.0
f5	big-iq_cloud	4.2.0
f5	big-iq_cloud	4.3.0
f5	big-iq_device	4.2.0
f5	big-iq_device	4.3.0
f5	big-iq_security	4.0.0
f5	big-iq_security	4.1.0
f5	big-iq_security	4.2.0
f5	big-iq_security	4.3.0
f5	enterprise_manager	2.1.0
f5	enterprise_manager	2.2.0
f5	enterprise_manager	2.3.0
f5	enterprise_manager	3.0.0
f5	enterprise_manager	3.1.0
f5	enterprise_manager	3.1.1
f5	firepass	6.0.0
f5	firepass	6.0.1
f5	firepass	6.0.2
f5	firepass	6.0.3
f5	firepass	6.1.0
f5	firepass	7.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:arx:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "682F6942-167C-4805-BFC2-53445441A464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E94644BE-6825-4DC4-998C-51AF6214E2AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "510BACF3-6F1B-4805-A095-FCCEF56E7313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A9FC9C-50C0-4E7D-A083-D15DEDD11847",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "59FF7235-8946-4EA2-90FC-E460151A9B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C8DAD24-29EB-4A8B-9D19-7955D80FE4C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC2A0DC-D931-4450-8D0F-3223A8EDCED9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE87BAD-382E-4FA7-BCF9-88EFA36DAB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4D2DA3-1EF3-428A-ACC0-1C438D6F8648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B10D9D9-BC40-4889-9196-C8EA7C571160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89F4A12-710E-4F7A-9A8D-D8B91889A279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E3427DB-2918-4934-A3C1-FA5F1632364F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AE053D4-B202-4BDC-93E6-AA84ADC9B24A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6282BAFA-5F16-40FD-A4C0-9CC289CEEA40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2BEF40-2392-45F3-B5D0-1FB29646C12A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01DDFFC4-688B-45FB-B548-A9654BACFA05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC616BB8-F668-483F-A75B-B4244921A23D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "073353D3-AF25-421D-9F97-8FB9C5109CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF47F4-0CD0-43DD-93E7-EA08CDF90B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "47741322-99CD-4B9E-BD6E-A2934572E60B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address."
    },
    {
      "lang": "es",
      "value": "El demonio rsync en F5 BIG-IP 11.6 anterior a 11.6.0, 11.5.1 anterior a HF3, 11.5.0 anterior a HF4, 11.4.1 anterior a HF4, 11.4.0 anterior a HF7, 11.3.0 anterior a HF9, y 11.2.1 anterior a HF11 y Enterprise Manager 3.x anterior a 3.1.1 HF2, cuando se configura por error en modo de conmutador, no requiere autenticaci\u00f3n, lo que permite a atacantes remotos escribir ficheros arbitrarios a trav\u00e9s de peticiones cmi a la direcci\u00f3n IP del ConfigSync."
    }
  ],
  "id": "CVE-2014-2927",
  "lastModified": "2024-11-21T02:07:12.320",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-15T14:55:06.743",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/34465"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/34465"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-01-08 01:15

Modified

2024-11-21 02:11

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.

References

URL	Tags
cret@cert.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/95841	Third Party Advisory, VDB Entry
cret@cert.org	https://support.f5.com/csp/article/K44942017
cret@cert.org	https://support.f5.com/csp/article/K44942017
cret@cert.org	https://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/95841	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K44942017
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K44942017
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSS

Impacted products

Vendor	Product	Version
ntp	ntp	4.2.7
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	15.0.0
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	15.0.0
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	*
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	15.0.0
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	15.0.0
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	15.0.0
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	15.0.0
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	15.0.0
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	15.0.0
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	15.0.0
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	11.2.1
f5	big-iq_adc	4.5.0
f5	big-iq_centralized_management	*
f5	big-iq_centralized_management	*
f5	big-iq_centralized_management	4.6.0
f5	big-iq_cloud	*
f5	big-iq_cloud_and_orchestration	1.0.0
f5	big-iq_device	*
f5	big-iq_security	*
f5	enterprise_manager	3.1.1
f5	iworkflow	*
f5	mobilesafe	1.0.0
f5	websafe	1.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p25:*:*:*:*:*:*",
              "matchCriteriaId": "FE315238-7191-4A2E-A3C6-2162BE589C78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40267CF4-9AC8-48ED-9DD4-7F947045AE9C",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "699BDE7D-B02D-41A8-BD2C-936B54107616",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D2F203-B830-42E5-AE54-17453F72A45D",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1331467F-B278-485E-AD91-7D0643C2F3DB",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEBAD7C4-AC37-463F-B63C-6EAD5542F2A0",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E695F85-F170-4FD4-819E-7DAF31662BF4",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD67D31-7FB8-4A3F-915D-385617E21428",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E866C4E5-D739-4352-9B6D-9753B4C78A24",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "720A06E3-441B-4D51-8FC0-D569DD7FEB10",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7CC5A1-6E7B-48BE-9E0A-0D1E51FCEA3D",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2620230F-1D8D-423D-953E-9EEF934C56DD",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42D16634-442B-4674-B11E-6748D28764BD",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713EB3E7-A657-4F6A-901D-618AF660CBBC",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55C26031-A354-4E19-A1C3-415336B2E7C5",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9AF8FC-B730-428D-B317-86ABEF924299",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D91EC11-DD9A-434B-9EB4-14AA0E977D8D",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2833083-97E9-4B3C-8E6B-BCAC1851D148",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC01B17-9BC3-425F-8187-5AE7B0AAC227",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DD8FE5B-DA42-41F3-AF57-2DB6C0C70661",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "283155E5-EEAB-4E05-A0E7-B9C5077A5029",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E697E4FD-1882-4BF8-9B9F-FB7DFD19497B",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6434ED4F-0BA2-445A-B6E9-D3E301EE3930",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90D8985-EDE3-4613-9B4A-E3929D1D3721",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "394DF290-9328-4FAD-B04E-61F62B916148",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEC2164D-11D0-4DCD-B814-6AB185C3BADF",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8F3686-2C9F-4EB1-973D-FBBC6401744F",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94BB8ADB-C47F-451D-8431-BAE51137C0D8",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1456F84-12B3-462C-A007-262680AA114B",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FBFE46-BCFB-4337-8990-9E92C5C0647E",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9071FCDD-36CE-49F2-9CB1-4495BF852F5B",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72ED4B6A-EC5B-400E-88B7-6C986FC5BC4F",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68E2840B-96F4-4437-91D1-4AFE99E54D6A",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C950E6-BF12-43D4-9125-AD9D90EDD67A",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC944480-C2AD-4338-871D-02DE26B3E80A",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "534529CB-53EF-4ABB-A220-6B42DB5A69DC",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2670B3-1A96-4E72-A316-0AF826E8EC8B",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B83479FA-82FB-4F71-9B98-E683745DB49E",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17CC587-3325-4D95-BE63-B948C63B411D",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A75EC568-E2B5-4F4E-AECC-44EA39A7EA21",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37257612-FAA4-4004-A4D3-4624F06F0615",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15F4D416-10F4-4C08-A25D-0795F7FE0FBE",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AD3B4BB-7F5C-4565-9345-2D4895630AAD",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C31E9AFD-27D1-47C4-A577-20BF6B42A1CA",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "041CE71A-50D1-44E6-B683-CD7F89C51893",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84923CD-9BC8-4241-82A3-5848333FFEB7",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A35703D-1BE0-459B-BDF0-08FB7C36A17E",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "559900D6-7E43-4D2F-9167-BDB04DD5D0DB",
              "versionEndIncluding": "5.4.0",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:iworkflow:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD83CC2-44E9-43F2-A9EF-E6A0C9C6E261",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:mobilesafe:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA70E87-466F-4B68-BFA1-C33FCEEE9FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:websafe:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE8D2705-DD84-4F26-94E1-4E6644556A98",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en los mensajes privados (modo 6/7) de NTP versi\u00f3n 4.2.7p25 por medio de un mensaje de control GET_RESTRICT, que podr\u00eda permitir a un usuario malicioso obtener informaci\u00f3n confidencial."
    }
  ],
  "id": "CVE-2014-5209",
  "lastModified": "2024-11-21T02:11:37.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-08T01:15:09.547",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-08-19 21:59

Modified

2024-11-21 02:54

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1036618	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036618	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.5.4
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_application_acceleration_manager	12.0.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.5.4
f5	big-ip_analytics	11.6.0
f5	big-ip_analytics	12.0.0
f5	big-ip_domain_name_system	12.0.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.5.4
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_local_traffic_manager	11.2.1
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.5.4
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_local_traffic_manager	12.0.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.5.4
f5	big-ip_advanced_firewall_manager	11.6.0
f5	big-ip_advanced_firewall_manager	12.0.0
f5	big-ip_websafe	11.6.0
f5	big-ip_websafe	12.0.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.5.4
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-ip_policy_enforcement_manager	12.0.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.5.4
f5	big-ip_global_traffic_manager	11.6.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.5.4
f5	big-ip_link_controller	11.6.0
f5	big-ip_link_controller	12.0.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.5.4
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_access_policy_manager	12.0.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.5.4
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_application_security_manager	12.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EE1EEA6-1E25-4A90-91A1-386D19808557",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "La configuraci\u00f3n por defecto del listener de pares IPsec IKE en F5 BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.1 en versiones anteriores a HF16, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF2; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF2; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.1 en versiones anteriores a HF16; BIG-IP GTM 11.2.1 en versiones anteriores a HF16, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1; y BIG-IP PSM 11.4.0 hasta la versi\u00f3n 11.4.1 habilita indebidamente el objeto de configuraci\u00f3n de pares an\u00f3nimos IPsec IKE, lo que permite a atacantes remotos establecer una negociaci\u00f3n IKE Phase 1 y posiblemente llevar a cabo ataques de fuerza bruta contra las negociaciones Phase 2 a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2016-5736",
  "lastModified": "2024-11-21T02:54:55.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-19T21:59:12.400",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036618"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-08-09 20:56

Modified

2024-11-21 01:46

Severity ?

Summary

Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.

References

URL	Tags
cret@cert.org	http://secunia.com/advisories/53477	Not Applicable, Vendor Advisory
cret@cert.org	http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html	Vendor Advisory
cret@cert.org	https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/53477	Not Applicable, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/	Third Party Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_analytics	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	firepass	*
f5	firepass	7.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "384E40E2-6A1E-41EE-9075-C3D4E4C9DF3D",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3E5454-D0E6-4BF9-B95F-A43ECE1A4C66",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B339AC-E904-4D62-81B6-61E1899F6855",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD998E02-0896-4970-8BF7-2D2A3EF3FD7B",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70E5E739-25AE-4A53-A756-A7189C785AD9",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC253328-767A-4DC9-85FB-E8E5666B916B",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AD005AD-AC65-44D1-8DB0-86B8D7F8ABE3",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64C91648-A64F-4D8A-9F60-DEE6CA181A87",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A25E12-3EDE-4984-9006-1FBCB1977F2C",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E675191C-CA97-4F56-949A-DF2180C2C9F0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51E532C1-88C1-461F-9563-E74C0DCFBCBD",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A97C7ACA-7D67-49C1-BA1E-256CD9E337D8",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2F00612-6DDC-448F-AF3F-5869A5EDF95B",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99AC375E-C787-4D10-9062-36548041E343",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CE213B-F42C-4C2E-AFBD-852AB049FF8A",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products \"when APM is provisioned,\" allows remote attackers to upload and execute arbitrary files via a ..  (dot dot) in the filename parameter."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en una firma no especificada de un Applet Java en un componente client-side en F5 BIG-IP APM v10.1.0 hasta v10.2.4 y v11.0.0 hasta v11.3.0, FirePass v6.0.0 hasta v6.1.0 y v7.0.0, y otros productos \"cuando APM se aprovisiona,\" permite que atacantes remotos puedan subir y ejecutar fichero de su elecci\u00f3n a trav\u00e9s de .. (punto punto) en el par\u00e1metro nombre de fichero."
    }
  ],
  "id": "CVE-2013-0150",
  "lastModified": "2024-11-21T01:46:56.830",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-08-09T20:56:06.917",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Not Applicable",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/53477"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/53477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-10-26 17:55

Modified

2024-11-21 01:58

Severity ?

Summary

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors.

References

URL	Tags
cret@cert.org	http://secunia.com/advisories/55378	Vendor Advisory
cret@cert.org	http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html	Vendor Advisory
cret@cert.org	http://www.securitytracker.com/id/1029220
cret@cert.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/88166
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/55378	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1029220
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/88166

Impacted products

Vendor	Product	Version
f5	big-ip_global_traffic_manager	10.0.0
f5	big-ip_global_traffic_manager	10.0.1
f5	big-ip_global_traffic_manager	10.1.0
f5	big-ip_global_traffic_manager	10.2.0
f5	big-ip_global_traffic_manager	10.2.1
f5	big-ip_global_traffic_manager	10.2.2
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_webaccelerator	9.4.0
f5	big-ip_webaccelerator	9.4.1
f5	big-ip_webaccelerator	9.4.2
f5	big-ip_webaccelerator	9.4.3
f5	big-ip_webaccelerator	9.4.4
f5	big-ip_webaccelerator	9.4.5
f5	big-ip_webaccelerator	9.4.6
f5	big-ip_webaccelerator	9.4.7
f5	big-ip_webaccelerator	9.4.8
f5	big-ip_webaccelerator	10.0.0
f5	big-ip_webaccelerator	10.0.1
f5	big-ip_webaccelerator	10.1.0
f5	big-ip_webaccelerator	10.2.0
f5	big-ip_webaccelerator	10.2.1
f5	big-ip_webaccelerator	10.2.2
f5	big-ip_webaccelerator	10.2.3
f5	big-ip_webaccelerator	10.2.4
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_local_traffic_manager	10.0.0
f5	big-ip_local_traffic_manager	10.0.1
f5	big-ip_local_traffic_manager	10.1.0
f5	big-ip_local_traffic_manager	10.2.0
f5	big-ip_local_traffic_manager	10.2.1
f5	big-ip_local_traffic_manager	10.2.2
f5	big-ip_local_traffic_manager	11.0.0
f5	big-ip_application_security_manager	10.0.0
f5	big-ip_application_security_manager	10.0.1
f5	big-ip_application_security_manager	10.1.0
f5	big-ip_application_security_manager	10.2.0
f5	big-ip_application_security_manager	10.2.1
f5	big-ip_application_security_manager	10.2.2
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_access_policy_manager	10.1.0
f5	big-ip_access_policy_manager	10.2.0
f5	big-ip_access_policy_manager	10.2.1
f5	big-ip_access_policy_manager	10.2.2
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_wan_optimization_manager	10.0.0
f5	big-ip_wan_optimization_manager	10.0.1
f5	big-ip_wan_optimization_manager	10.1.0
f5	big-ip_wan_optimization_manager	10.2.0
f5	big-ip_wan_optimization_manager	10.2.1
f5	big-ip_wan_optimization_manager	10.2.2
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_edge_gateway	10.1.0
f5	big-ip_edge_gateway	10.2.0
f5	big-ip_edge_gateway	10.2.1
f5	big-ip_edge_gateway	10.2.2
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_protocol_security_module	9.4.5
f5	big-ip_protocol_security_module	9.4.6
f5	big-ip_protocol_security_module	9.4.7
f5	big-ip_protocol_security_module	9.4.8
f5	big-ip_protocol_security_module	10.0.0
f5	big-ip_protocol_security_module	10.0.1
f5	big-ip_protocol_security_module	10.1.0
f5	big-ip_protocol_security_module	10.2.0
f5	big-ip_protocol_security_module	10.2.1
f5	big-ip_protocol_security_module	10.2.2
f5	big-ip_protocol_security_module	10.2.3
f5	big-ip_protocol_security_module	10.2.4
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_link_controller	10.0.0
f5	big-ip_link_controller	10.0.1
f5	big-ip_link_controller	10.1.0
f5	big-ip_link_controller	10.2.0
f5	big-ip_link_controller	10.2.1
f5	big-ip_link_controller	10.2.2
f5	big-ip_link_controller	11.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE87BAD-382E-4FA7-BCF9-88EFA36DAB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB7340E-36AE-40F0-8B38-247803F97038",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFEE12B-A78F-4288-A98F-2497531D0EAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D4AE2CE-4A4B-4B5F-992C-F939E1CDE6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAB821F7-26DB-4C74-9129-BBC50DF0C2F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD6FE682-3B40-42B0-A3BC-4281F0003248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC8D1C6-69AC-4423-A1C7-4093236A7F51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "38CDACEA-9235-4B7F-AC2B-4ACFB4BD9918",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF5FC5A6-0CD0-47E3-87F9-F09BB1B4B920",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7317A692-0D9D-4DF4-99AD-893187E3F298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E3427DB-2918-4934-A3C1-FA5F1632364F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC2A0DC-D931-4450-8D0F-3223A8EDCED9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89F4A12-710E-4F7A-9A8D-D8B91889A279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8463B1D-8442-4D50-BAAA-122280496A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6448016D-1A8E-42E3-81F8-80772D4EE6B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C54690EB-578A-45DA-9324-4CE84B084BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "50B828D6-7221-4F94-9C0D-4483E60576EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B10D9D9-BC40-4889-9196-C8EA7C571160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4D2DA3-1EF3-428A-ACC0-1C438D6F8648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "The Traffic Management Microkernel (TMM) en F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, y WOM 10.0.0 hasta la versi\u00f3n 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0  hasta la versi\u00f3n 9.4.8, 10.0.0  hasta la versi\u00f3n 10.2.4, and 11.0.0  hasta la versi\u00f3n 11.4.1; y WebAccelerator 9.4.0  hasta la versi\u00f3n 9.4.8, 10.0.0  hasta la versi\u00f3n 10.2.4, and 11.0.0  hasta la versi\u00f3n 11.3.0 podr\u00eda cambiar a una conexi\u00f3n TCP al estado ESTABLISHED antes de recibir el paquete ACK, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (SIGFPE o error de aserci\u00f3n y reinicio TMM) a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2013-6016",
  "lastModified": "2024-11-21T01:58:37.727",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-10-26T17:55:03.527",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/55378"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id/1029220"
    },
    {
      "source": "cret@cert.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/55378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1029220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2015-11-06 18:59

Modified

2024-11-21 02:35

Severity ?

Summary

The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via "malicious traffic."

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1033952
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1033952
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_global_traffic_manager	11.0.0
f5	big-ip_global_traffic_manager	11.1.0
f5	big-ip_global_traffic_manager	11.2.0
f5	big-ip_global_traffic_manager	11.2.1
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_access_policy_manager	11.0.0
f5	big-ip_access_policy_manager	11.1.0
f5	big-ip_access_policy_manager	11.2.0
f5	big-ip_access_policy_manager	11.2.1
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_webaccelerator	11.0.0
f5	big-ip_webaccelerator	11.1.0
f5	big-ip_webaccelerator	11.2.0
f5	big-ip_webaccelerator	11.2.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_application_security_manager	11.0.0
f5	big-ip_application_security_manager	11.1.0
f5	big-ip_application_security_manager	11.2.0
f5	big-ip_application_security_manager	11.2.1
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_wan_optimization_manager	11.0.0
f5	big-ip_wan_optimization_manager	11.1.0
f5	big-ip_wan_optimization_manager	11.2.0
f5	big-ip_wan_optimization_manager	11.2.1
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-ip_protocol_security_module	11.0.0
f5	big-ip_protocol_security_module	11.1.0
f5	big-ip_protocol_security_module	11.2.0
f5	big-ip_protocol_security_module	11.2.1
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_edge_gateway	11.0.0
f5	big-ip_edge_gateway	11.1.0
f5	big-ip_edge_gateway	11.2.0
f5	big-ip_edge_gateway	11.2.1
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_link_controller	11.0.0
f5	big-ip_link_controller	11.1.0
f5	big-ip_link_controller	11.2.0
f5	big-ip_link_controller	11.2.1
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_analytics	11.0.0
f5	big-ip_analytics	11.1.0
f5	big-ip_analytics	11.2.0
f5	big-ip_analytics	11.2.1
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via \"malicious traffic.\""
    },
    {
      "lang": "es",
      "value": "El host vCMP en F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller y LTM 11.0.0 en versiones anteriores a 11.6.0, BIG-IP AAM 11.4.0 en versiones anteriores a 11.6.0, BIG-IP AFM y PEM 11.3.0 en versiones anteriores a 11.6.0, BIG-IP Edge Gateway, WebAccelerator y WOM 11.0.0 hasta la versi\u00f3n 11.3.0, BIG-IP PSM 11.0.0 hasta la versi\u00f3n 11.4.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de \u0027tr\u00e1fico malicioso\u0027."
    }
  ],
  "id": "CVE-2015-6546",
  "lastModified": "2024-11-21T02:35:11.760",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-11-06T18:59:01.847",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1033952"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1033952"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2015-12-07 20:59

Modified

2024-11-21 02:29

Severity ?

Summary

The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the "Resource Administrator" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi.

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html	Exploit
cve@mitre.org	http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd	Exploit
cve@mitre.org	http://www.securitytracker.com/id/1034306
cve@mitre.org	http://www.securitytracker.com/id/1034307
cve@mitre.org	https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html	Vendor Advisory
cve@mitre.org	https://www.exploit-db.com/exploits/38764/
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034306
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034307
af854a3a-2127-422b-91ae-364da2661108	https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/38764/

Impacted products

Vendor	Product	Version
f5	big-iq_security	4.0.0
f5	big-iq_security	4.1.0
f5	big-iq_security	4.2.0
f5	big-iq_security	4.3.0
f5	big-iq_security	4.4.0
f5	big-iq_security	4.5.0
f5	big-ip_application_acceleration_manager	11.4.0
f5	big-ip_application_acceleration_manager	11.4.1
f5	big-ip_application_acceleration_manager	11.5.0
f5	big-ip_application_acceleration_manager	11.5.1
f5	big-ip_application_acceleration_manager	11.5.2
f5	big-ip_application_acceleration_manager	11.5.3
f5	big-ip_application_acceleration_manager	11.6.0
f5	big-ip_wan_optimization_manager	11.3.0
f5	big-iq_adc	4.5.0
f5	big-ip_application_security_manager	11.3.0
f5	big-ip_application_security_manager	11.4.0
f5	big-ip_application_security_manager	11.4.1
f5	big-ip_application_security_manager	11.5.0
f5	big-ip_application_security_manager	11.5.1
f5	big-ip_application_security_manager	11.5.2
f5	big-ip_application_security_manager	11.5.3
f5	big-ip_application_security_manager	11.6.0
f5	big-ip_global_traffic_manager	11.3.0
f5	big-ip_global_traffic_manager	11.4.0
f5	big-ip_global_traffic_manager	11.4.1
f5	big-ip_global_traffic_manager	11.5.0
f5	big-ip_global_traffic_manager	11.5.1
f5	big-ip_global_traffic_manager	11.5.2
f5	big-ip_global_traffic_manager	11.5.3
f5	big-ip_global_traffic_manager	11.6.0
f5	big-iq_device	4.2.0
f5	big-iq_device	4.3.0
f5	big-iq_device	4.4.0
f5	big-iq_device	4.5.0
f5	big-ip_edge_gateway	11.3.0
f5	big-ip_local_traffic_manager	11.3.0
f5	big-ip_local_traffic_manager	11.4.0
f5	big-ip_local_traffic_manager	11.4.1
f5	big-ip_local_traffic_manager	11.5.0
f5	big-ip_local_traffic_manager	11.5.1
f5	big-ip_local_traffic_manager	11.5.2
f5	big-ip_local_traffic_manager	11.5.3
f5	big-ip_local_traffic_manager	11.6.0
f5	big-ip_access_policy_manager	11.3.0
f5	big-ip_access_policy_manager	11.4.0
f5	big-ip_access_policy_manager	11.4.1
f5	big-ip_access_policy_manager	11.5.0
f5	big-ip_access_policy_manager	11.5.1
f5	big-ip_access_policy_manager	11.5.2
f5	big-ip_access_policy_manager	11.5.3
f5	big-ip_access_policy_manager	11.6.0
f5	big-ip_policy_enforcement_manager	11.3.0
f5	big-ip_policy_enforcement_manager	11.4.0
f5	big-ip_policy_enforcement_manager	11.4.1
f5	big-ip_policy_enforcement_manager	11.5.0
f5	big-ip_policy_enforcement_manager	11.5.1
f5	big-ip_policy_enforcement_manager	11.5.2
f5	big-ip_policy_enforcement_manager	11.5.3
f5	big-ip_policy_enforcement_manager	11.6.0
f5	big-iq_cloud	4.0.0
f5	big-iq_cloud	4.1.0
f5	big-iq_cloud	4.2.0
f5	big-iq_cloud	4.3.0
f5	big-iq_cloud	4.4.0
f5	big-iq_cloud	4.5.0
f5	big-ip_analytics	11.3.0
f5	big-ip_analytics	11.4.0
f5	big-ip_analytics	11.4.1
f5	big-ip_analytics	11.5.0
f5	big-ip_analytics	11.5.1
f5	big-ip_analytics	11.5.2
f5	big-ip_analytics	11.5.3
f5	big-ip_analytics	11.6.0
f5	big-ip_protocol_security_module	11.3.0
f5	big-ip_protocol_security_module	11.4.0
f5	big-ip_protocol_security_module	11.4.1
f5	big-ip_webaccelerator	11.3.0
f5	big-ip_link_controller	11.3.0
f5	big-ip_link_controller	11.4.0
f5	big-ip_link_controller	11.4.1
f5	big-ip_link_controller	11.5.0
f5	big-ip_link_controller	11.5.1
f5	big-ip_link_controller	11.5.2
f5	big-ip_link_controller	11.5.3
f5	big-ip_link_controller	11.6.0
f5	big-ip_enterprise_manager	3.0.0
f5	big-ip_enterprise_manager	3.1.0
f5	big-ip_enterprise_manager	3.1.1
f5	big-ip_advanced_firewall_manager	11.3.0
f5	big-ip_advanced_firewall_manager	11.4.0
f5	big-ip_advanced_firewall_manager	11.4.1
f5	big-ip_advanced_firewall_manager	11.5.0
f5	big-ip_advanced_firewall_manager	11.5.1
f5	big-ip_advanced_firewall_manager	11.5.2
f5	big-ip_advanced_firewall_manager	11.5.3
f5	big-ip_advanced_firewall_manager	11.6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the \"Resource Administrator\" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi."
    },
    {
      "lang": "es",
      "value": "La API iControl en F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller y PEM 11.3.0 en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a 11.6.0 HF6, BIG-IP AAM 11.4.0 en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator y WOM 11.3.0, BIG-IP GTM 11.3.0 en versiones anteriores a 11.6.0 HF6, BIG-IP PSM 11.3.0 hasta la versi\u00f3n 11.4.1, Enterprise Manager 3.1.0 hasta la versi\u00f3n 3.1.1, BIG-IQ Cloud and Security 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0 y BIG-IQ ADC 4.5.0 permiten a usuarios remotos autenticados con el rol \u0027Resource Administrator\u0027 obtener privilegios a trav\u00e9s de (1) una secuencia de comandos o (2) un manejador iCall en una petici\u00f3n SOAP aiControl/iControlPortal.cgi."
    }
  ],
  "id": "CVE-2015-3628",
  "lastModified": "2024-11-21T02:29:31.077",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-12-07T20:59:04.587",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034306"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034307"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/38764/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034306"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034307"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/38764/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

All the vulnerabilites related to f5 - big-ip_wan_optimization_manager

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd