All the vulnerabilites related to sonicwall - global_management_system
cve-2015-3990
Vulnerability from cvelistv5
Published
2015-05-20 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032373 | vdb-entry, x_refsource_SECTRACK | |
| https://support.software.dell.com/product-notification/152178 | x_refsource_CONFIRM | |
| http://www.zerodayinitiative.com/advisories/ZDI-15-231/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/74756 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"name": "74756",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-20T20:52:17",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "1032373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"name": "74756",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74756"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2015-3990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032373"
},
{
"name": "https://support.software.dell.com/product-notification/152178",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"name": "74756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74756"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2015-3990",
"datePublished": "2015-05-20T18:00:00",
"dateReserved": "2015-05-15T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2397
Vulnerability from cvelistv5
Published
2016-02-17 15:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-16-163 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1035015 | vdb-entry, x_refsource_SECTRACK | |
| https://support.software.dell.com/product-notification/185943 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-04-19T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-163",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"name": "1035015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035015"
},
{
"name": "https://support.software.dell.com/product-notification/185943",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/185943"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2397",
"datePublished": "2016-02-17T15:00:00",
"dateReserved": "2016-02-17T00:00:00",
"dateUpdated": "2024-08-05T23:24:49.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-20020
Vulnerability from cvelistv5
Published
2021-04-10 06:50
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0009 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | Global Management System (GMS) |
Version: 9.3 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Global Management System (GMS)",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-10T06:50:12",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0009"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Global Management System (GMS)",
"version": {
"version_data": [
{
"version_value": "9.3 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0009",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0009"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20020",
"datePublished": "2021-04-10T06:50:12",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:07.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7025
Vulnerability from cvelistv5
Published
2013-12-09 11:00
Modified
2024-08-06 17:53
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2013-12/0022.html | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/55923 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/89462 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/100610 | vdb-entry, x_refsource_OSVDB | |
| http://seclists.org/fulldisclosure/2013/Dec/32 | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/bid/64103 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1029433 | vdb-entry, x_refsource_SECTRACK | |
| http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf | x_refsource_CONFIRM | |
| http://www.exploit-db.com/exploits/30054 | exploit, x_refsource_EXPLOIT-DB | |
| http://www.vulnerability-lab.com/get_content.php?id=1099 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:53:45.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131205 Sonicwall GMS v7.x - Filter Bypass \u0026 Persistent Vulnerability (0Day)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0022.html"
},
{
"name": "55923",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55923"
},
{
"name": "sonicwall-ematstaticalerttypes-xss(89462)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89462"
},
{
"name": "100610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/100610"
},
{
"name": "20131205 Sonicwall GMS v7.x - Filter Bypass \u0026 Persistent Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Dec/32"
},
{
"name": "64103",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64103"
},
{
"name": "1029433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf"
},
{
"name": "30054",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/30054"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vulnerability-lab.com/get_content.php?id=1099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20131205 Sonicwall GMS v7.x - Filter Bypass \u0026 Persistent Vulnerability (0Day)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0022.html"
},
{
"name": "55923",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55923"
},
{
"name": "sonicwall-ematstaticalerttypes-xss(89462)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89462"
},
{
"name": "100610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/100610"
},
{
"name": "20131205 Sonicwall GMS v7.x - Filter Bypass \u0026 Persistent Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Dec/32"
},
{
"name": "64103",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64103"
},
{
"name": "1029433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf"
},
{
"name": "30054",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/30054"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vulnerability-lab.com/get_content.php?id=1099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131205 Sonicwall GMS v7.x - Filter Bypass \u0026 Persistent Vulnerability (0Day)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0022.html"
},
{
"name": "55923",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55923"
},
{
"name": "sonicwall-ematstaticalerttypes-xss(89462)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89462"
},
{
"name": "100610",
"refsource": "OSVDB",
"url": "http://osvdb.org/100610"
},
{
"name": "20131205 Sonicwall GMS v7.x - Filter Bypass \u0026 Persistent Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Dec/32"
},
{
"name": "64103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64103"
},
{
"name": "1029433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029433"
},
{
"name": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf",
"refsource": "CONFIRM",
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf"
},
{
"name": "30054",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/30054"
},
{
"name": "http://www.vulnerability-lab.com/get_content.php?id=1099",
"refsource": "MISC",
"url": "http://www.vulnerability-lab.com/get_content.php?id=1099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7025",
"datePublished": "2013-12-09T11:00:00",
"dateReserved": "2013-12-08T00:00:00",
"dateUpdated": "2024-08-06T17:53:45.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34124
Vulnerability from cvelistv5
Published
2023-07-13 00:14
Modified
2024-10-30 18:53
Severity ?
EPSS score ?
Summary
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T18:53:33.391833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T18:53:45.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-12T23:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305 Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T00:14:16.861Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34124",
"datePublished": "2023-07-13T00:14:16.861Z",
"dateReserved": "2023-05-25T22:45:46.851Z",
"dateUpdated": "2024-10-30T18:53:45.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34131
Vulnerability from cvelistv5
Published
2023-07-13 02:20
Modified
2024-10-30 19:18
Severity ?
EPSS score ?
Summary
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34131",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T19:18:09.777415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T19:18:21.598Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-13T02:21:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"value": "Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T02:20:39.413Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34131",
"datePublished": "2023-07-13T02:20:39.413Z",
"dateReserved": "2023-05-25T22:45:46.852Z",
"dateUpdated": "2024-10-30T19:18:21.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34125
Vulnerability from cvelistv5
Published
2023-07-13 00:21
Modified
2024-11-05 15:34
Severity ?
EPSS score ?
Summary
Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-05T15:34:38.926559Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T15:34:52.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-13T00:19:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-27",
"description": "CWE-27 Path Traversal: \u0027dir/../../filename\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T00:21:21.095Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34125",
"datePublished": "2023-07-13T00:21:21.095Z",
"dateReserved": "2023-05-25T22:45:46.851Z",
"dateUpdated": "2024-11-05T15:34:52.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2396
Vulnerability from cvelistv5
Published
2016-02-17 15:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1035015 | vdb-entry, x_refsource_SECTRACK | |
| http://www.zerodayinitiative.com/advisories/ZDI-16-164 | x_refsource_MISC | |
| https://support.software.dell.com/product-notification/185943 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-20T20:52:16",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2016-2396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035015"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-164",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"name": "https://support.software.dell.com/product-notification/185943",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/185943"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2016-2396",
"datePublished": "2016-02-17T15:00:00",
"dateReserved": "2016-02-17T00:00:00",
"dateUpdated": "2024-08-05T23:24:49.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-8420
Vulnerability from cvelistv5
Published
2014-11-25 15:00
Modified
2024-08-06 13:18
Severity ?
EPSS score ?
Summary
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.software.dell.com/product-notification/136814 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/98911 | vdb-entry, x_refsource_XF | |
| http://www.zerodayinitiative.com/advisories/ZDI-14-385/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/71241 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:18:47.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/136814"
},
{
"name": "dell-sonicwall-cve20148420-code-exec(98911)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98911"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-385/"
},
{
"name": "71241",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71241"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/136814"
},
{
"name": "dell-sonicwall-cve20148420-code-exec(98911)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98911"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-385/"
},
{
"name": "71241",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71241"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.software.dell.com/product-notification/136814",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/136814"
},
{
"name": "dell-sonicwall-cve20148420-code-exec(98911)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98911"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-14-385/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-385/"
},
{
"name": "71241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71241"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8420",
"datePublished": "2014-11-25T15:00:00",
"dateReserved": "2014-10-22T00:00:00",
"dateUpdated": "2024-08-06T13:18:47.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0332
Vulnerability from cvelistv5
Published
2014-02-14 16:00
Modified
2024-08-06 09:13
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/65498 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/727318 | third-party-advisory, x_refsource_CERT-VN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/91062 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/103216 | vdb-entry, x_refsource_OSVDB | |
| http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XSS_Resolved_in_7.1_SP2_and_7.2.pdf | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:09.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "65498",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65498"
},
{
"name": "VU#727318",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/727318"
},
{
"name": "sonicwall-cve20140332-nodeid-xss(91062)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91062"
},
{
"name": "103216",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/103216"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XSS_Resolved_in_7.1_SP2_and_7.2.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "65498",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65498"
},
{
"name": "VU#727318",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/727318"
},
{
"name": "sonicwall-cve20140332-nodeid-xss(91062)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91062"
},
{
"name": "103216",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/103216"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XSS_Resolved_in_7.1_SP2_and_7.2.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-0332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65498"
},
{
"name": "VU#727318",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/727318"
},
{
"name": "sonicwall-cve20140332-nodeid-xss(91062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91062"
},
{
"name": "103216",
"refsource": "OSVDB",
"url": "http://osvdb.org/103216"
},
{
"name": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XSS_Resolved_in_7.1_SP2_and_7.2.pdf",
"refsource": "CONFIRM",
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XSS_Resolved_in_7.1_SP2_and_7.2.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-0332",
"datePublished": "2014-02-14T16:00:00",
"dateReserved": "2013-12-05T00:00:00",
"dateUpdated": "2024-08-06T09:13:09.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1360
Vulnerability from cvelistv5
Published
2020-02-11 15:44
Modified
2024-08-06 14:57
Severity ?
EPSS score ?
Summary
An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1028007 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/57446 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/81366 | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/24203 | x_refsource_MISC | |
| http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html | x_refsource_MISC | |
| https://packetstormsecurity.com/files/cve/CVE-2013-1360 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:05.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028007"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57446"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81366"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/24203"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T15:44:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1028007"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/57446"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81366"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/24203"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securitytracker.com/id/1028007",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1028007"
},
{
"name": "http://www.securityfocus.com/bid/57446",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/57446"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81366",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81366"
},
{
"name": "http://www.exploit-db.com/exploits/24203",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/24203"
},
{
"name": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html",
"refsource": "MISC",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html"
},
{
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-1360",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1360",
"datePublished": "2020-02-11T15:44:43",
"dateReserved": "2013-01-14T00:00:00",
"dateUpdated": "2024-08-06T14:57:05.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7478
Vulnerability from cvelistv5
Published
2019-12-30 23:50
Modified
2024-08-04 20:54
Severity ?
EPSS score ?
Summary
A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0011 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:27.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "GMS 8.4"
},
{
"status": "affected",
"version": "GMS 8.5"
},
{
"status": "affected",
"version": "GMS 8.6"
},
{
"status": "affected",
"version": "GMS 8.7"
},
{
"status": "affected",
"version": "GMS 9.0"
},
{
"status": "affected",
"version": "GMS 9.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Sanitization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-30T23:50:10",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GMS",
"version": {
"version_data": [
{
"version_value": "GMS 8.4"
},
{
"version_value": "GMS 8.5"
},
{
"version_value": "GMS 8.6"
},
{
"version_value": "GMS 8.7"
},
{
"version_value": "GMS 9.0"
},
{
"version_value": "GMS 9.1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89: Improper Sanitization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0011",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2019-7478",
"datePublished": "2019-12-30T23:50:10",
"dateReserved": "2019-02-06T00:00:00",
"dateUpdated": "2024-08-04T20:54:27.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22280
Vulnerability from cvelistv5
Published
2022-07-29 21:05
Modified
2024-08-03 03:07
Severity ?
EPSS score ?
Summary
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | SonicWall | SonicWall GMS |
Version: 9.3.1-SP2-Hotfix1 and earlier |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicWall GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.1-SP2-Hotfix1 and earlier"
}
]
},
{
"product": "SonicWall Analytics On-Prem",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.3-2520 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-29T21:05:12",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicWall GMS",
"version": {
"version_data": [
{
"version_value": "9.3.1-SP2-Hotfix1 and earlier"
}
]
}
},
{
"product_name": "SonicWall Analytics On-Prem",
"version": {
"version_data": [
{
"version_value": "2.5.0.3-2520 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22280",
"datePublished": "2022-07-29T21:05:12",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-9866
Vulnerability from cvelistv5
Published
2018-08-03 20:00
Modified
2024-08-05 07:24
Severity ?
EPSS score ?
Summary
A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.
References
| ▼ | URL | Tags |
|---|---|---|
| https://twitter.com/ddouhine/status/1019251292202586112 | x_refsource_MISC | |
| https://github.com/rapid7/metasploit-framework/pull/10305 | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | Global Management System (GMS) |
Version: 8.1 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:24:56.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/ddouhine/status/1019251292202586112"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/10305"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Global Management System (GMS)",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "8.1 and earlier"
}
]
}
],
"datePublic": "2018-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance\u0027s, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-03T19:57:01",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/ddouhine/status/1019251292202586112"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/10305"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2018-9866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Global Management System (GMS)",
"version": {
"version_data": [
{
"version_value": "8.1 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance\u0027s, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://twitter.com/ddouhine/status/1019251292202586112",
"refsource": "MISC",
"url": "https://twitter.com/ddouhine/status/1019251292202586112"
},
{
"name": "https://github.com/rapid7/metasploit-framework/pull/10305",
"refsource": "MISC",
"url": "https://github.com/rapid7/metasploit-framework/pull/10305"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2018-9866",
"datePublished": "2018-08-03T20:00:00",
"dateReserved": "2018-04-09T00:00:00",
"dateUpdated": "2024-08-05T07:24:56.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34123
Vulnerability from cvelistv5
Published
2023-07-12 23:16
Modified
2024-11-06 17:01
Severity ?
EPSS score ?
Summary
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:00:38.382269Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:01:05.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-12T23:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T00:22:30.529Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34123",
"datePublished": "2023-07-12T23:16:31.146Z",
"dateReserved": "2023-05-25T22:45:46.850Z",
"dateUpdated": "2024-11-06T17:01:05.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1359
Vulnerability from cvelistv5
Published
2020-02-11 16:42
Modified
2024-08-06 14:57
Severity ?
EPSS score ?
Summary
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/57445 | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/24204 | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/24322 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1028007 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/81367 | x_refsource_MISC | |
| https://packetstormsecurity.com/files/author/7547/ | x_refsource_MISC | |
| https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns | x_refsource_MISC | |
| https://seclists.org/fulldisclosure/2013/Jan/125 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:05.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57445"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/24204"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/24322"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028007"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81367"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/author/7547/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2013/Jan/125"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T16:42:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/57445"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/24204"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/24322"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1028007"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81367"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/author/7547/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2013/Jan/125"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/57445",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/57445"
},
{
"name": "http://www.exploit-db.com/exploits/24204",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/24204"
},
{
"name": "http://www.exploit-db.com/exploits/24322",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/24322"
},
{
"name": "http://www.securitytracker.com/id/1028007",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1028007"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81367",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81367"
},
{
"name": "https://packetstormsecurity.com/files/author/7547/",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/author/7547/"
},
{
"name": "https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns",
"refsource": "MISC",
"url": "https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns"
},
{
"name": "https://seclists.org/fulldisclosure/2013/Jan/125",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2013/Jan/125"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1359",
"datePublished": "2020-02-11T16:42:01",
"dateReserved": "2013-01-14T00:00:00",
"dateUpdated": "2024-08-06T14:57:05.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34126
Vulnerability from cvelistv5
Published
2023-07-13 00:44
Modified
2024-10-31 17:58
Severity ?
EPSS score ?
Summary
Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-31T17:58:06.640728Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T17:58:17.736Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-13T00:42:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"value": "Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T00:44:10.845Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34126",
"datePublished": "2023-07-13T00:44:10.845Z",
"dateReserved": "2023-05-25T22:45:46.851Z",
"dateUpdated": "2024-10-31T17:58:17.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34128
Vulnerability from cvelistv5
Published
2023-07-13 00:58
Modified
2024-10-31 17:55
Severity ?
EPSS score ?
Summary
Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34128",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-31T17:55:38.893138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T17:55:48.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-13T00:58:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"value": "Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-260",
"description": "CWE-260 Password in Configuration File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T00:58:35.946Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34128",
"datePublished": "2023-07-13T00:58:35.946Z",
"dateReserved": "2023-05-25T22:45:46.851Z",
"dateUpdated": "2024-10-31T17:55:48.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34132
Vulnerability from cvelistv5
Published
2023-07-13 02:24
Modified
2024-10-30 19:15
Severity ?
EPSS score ?
Summary
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34132",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T19:15:29.760186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T19:15:42.425Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-12T23:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"value": "Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-836",
"description": "CWE-836 Use of Password Hash Instead of Password for Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T02:24:25.820Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34132",
"datePublished": "2023-07-13T02:24:25.820Z",
"dateReserved": "2023-05-25T22:45:46.852Z",
"dateUpdated": "2024-10-30T19:15:42.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-20030
Vulnerability from cvelistv5
Published
2022-10-13 00:00
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | SonicWall GMS |
Version: prior GMS 9.3.2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicWall GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "prior GMS 9.3.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application\u0027s binaries and configuration files."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-13T00:00:00",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0021"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20030",
"datePublished": "2022-10-13T00:00:00",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:07.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7476
Vulnerability from cvelistv5
Published
2019-04-26 20:25
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0004 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | Global Management System (GMS) |
Version: 9.1 Version: 9.0 Version: 8.7 Version: 8.6 Version: 8.4 Version: 8.3 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Global Management System (GMS)",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.1"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.7"
},
{
"status": "affected",
"version": "8.6"
},
{
"status": "affected",
"version": "8.4"
},
{
"status": "affected",
"version": "8.3 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-26T20:25:46",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Global Management System (GMS)",
"version": {
"version_data": [
{
"version_value": "9.1"
},
{
"version_value": "9.0"
},
{
"version_value": "8.7"
},
{
"version_value": "8.6"
},
{
"version_value": "8.4"
},
{
"version_value": "8.3 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2019-7476",
"datePublished": "2019-04-26T20:25:46",
"dateReserved": "2019-02-06T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34134
Vulnerability from cvelistv5
Published
2023-07-13 02:35
Modified
2024-10-30 18:52
Severity ?
EPSS score ?
Summary
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T18:52:28.717741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T18:52:38.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-13T02:35:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T02:35:41.109Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34134",
"datePublished": "2023-07-13T02:35:41.109Z",
"dateReserved": "2023-05-25T22:45:46.852Z",
"dateUpdated": "2024-10-30T18:52:38.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-5024
Vulnerability from cvelistv5
Published
2014-07-24 14:00
Modified
2024-08-06 11:34
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/68829 | vdb-entry, x_refsource_BID | |
| https://support.software.dell.com/product-notification/128245 | x_refsource_CONFIRM | |
| http://seclists.org/fulldisclosure/2014/Jul/125 | mailing-list, x_refsource_FULLDISC | |
| http://secunia.com/advisories/60287 | third-party-advisory, x_refsource_SECUNIA | |
| http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68829",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68829"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/128245"
},
{
"name": "20140722 Reflected XSS vulnerabilities in DELL SonicWALL GMS 7.2 Build: 7221.1701 (CVE-2014-5024)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/125"
},
{
"name": "60287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60287"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "68829",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68829"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/128245"
},
{
"name": "20140722 Reflected XSS vulnerabilities in DELL SonicWALL GMS 7.2 Build: 7221.1701 (CVE-2014-5024)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/125"
},
{
"name": "60287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60287"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68829"
},
{
"name": "https://support.software.dell.com/product-notification/128245",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/128245"
},
{
"name": "20140722 Reflected XSS vulnerabilities in DELL SonicWALL GMS 7.2 Build: 7221.1701 (CVE-2014-5024)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/125"
},
{
"name": "60287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60287"
},
{
"name": "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5024",
"datePublished": "2014-07-24T14:00:00",
"dateReserved": "2014-07-22T00:00:00",
"dateUpdated": "2024-08-06T11:34:37.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-3639
Vulnerability from cvelistv5
Published
2018-05-22 12:00
Modified
2024-09-16 22:55
Severity ?
EPSS score ?
Summary
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel Corporation | Multiple |
Version: Multiple |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:50:30.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1689",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1689"
},
{
"name": "RHSA-2018:2162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2162"
},
{
"name": "RHSA-2018:1641",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1641"
},
{
"name": "USN-3680-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3680-1/"
},
{
"name": "RHSA-2018:1997",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1997"
},
{
"name": "RHSA-2018:1665",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1665"
},
{
"name": "RHSA-2018:3407",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3407"
},
{
"name": "RHSA-2018:2164",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"name": "RHSA-2018:2001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2001"
},
{
"name": "RHSA-2018:3423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3423"
},
{
"name": "RHSA-2018:2003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2003"
},
{
"name": "USN-3654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"name": "RHSA-2018:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1645"
},
{
"name": "RHSA-2018:1643",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1643"
},
{
"name": "RHSA-2018:1652",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1652"
},
{
"name": "RHSA-2018:3424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3424"
},
{
"name": "RHSA-2018:3402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3402"
},
{
"name": "TA18-141A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
},
{
"name": "RHSA-2018:1656",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1656"
},
{
"name": "RHSA-2018:1664",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1664"
},
{
"name": "RHSA-2018:2258",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2258"
},
{
"name": "RHSA-2018:1688",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1688"
},
{
"name": "RHSA-2018:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1658"
},
{
"name": "RHSA-2018:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1657"
},
{
"name": "RHSA-2018:2289",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2289"
},
{
"name": "RHSA-2018:1666",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1666"
},
{
"name": "1042004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042004"
},
{
"name": "RHSA-2018:1675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1675"
},
{
"name": "RHSA-2018:1660",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1660"
},
{
"name": "RHSA-2018:1965",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1965"
},
{
"name": "RHSA-2018:1661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1661"
},
{
"name": "RHSA-2018:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1633"
},
{
"name": "RHSA-2018:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1636"
},
{
"name": "RHSA-2018:1854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"name": "RHSA-2018:2006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2006"
},
{
"name": "RHSA-2018:2250",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2250"
},
{
"name": "1040949",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040949"
},
{
"name": "RHSA-2018:3401",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3401"
},
{
"name": "RHSA-2018:1737",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1737"
},
{
"name": "RHSA-2018:1826",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1826"
},
{
"name": "USN-3651-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3651-1/"
},
{
"name": "DSA-4210",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4210"
},
{
"name": "44695",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44695/"
},
{
"name": "RHSA-2018:1651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1651"
},
{
"name": "RHSA-2018:1638",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1638"
},
{
"name": "RHSA-2018:1696",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1696"
},
{
"name": "RHSA-2018:2246",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2246"
},
{
"name": "RHSA-2018:1644",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1644"
},
{
"name": "RHSA-2018:1646",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1646"
},
{
"name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"name": "RHSA-2018:1639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1639"
},
{
"name": "RHSA-2018:1668",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1668"
},
{
"name": "RHSA-2018:1637",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1637"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "VU#180049",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"name": "RHSA-2018:1686",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1686"
},
{
"name": "RHSA-2018:2172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2172"
},
{
"name": "RHSA-2018:1663",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1663"
},
{
"name": "USN-3652-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3652-1/"
},
{
"name": "RHSA-2018:1629",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1629"
},
{
"name": "RHSA-2018:1655",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1655"
},
{
"name": "RHSA-2018:1640",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1640"
},
{
"name": "RHSA-2018:1669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1669"
},
{
"name": "RHSA-2018:1676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1676"
},
{
"name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
},
{
"name": "RHSA-2018:3425",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3425"
},
{
"name": "RHSA-2018:2363",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2363"
},
{
"name": "RHSA-2018:1632",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1632"
},
{
"name": "RHSA-2018:1650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1650"
},
{
"name": "RHSA-2018:2396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"name": "RHSA-2018:2364",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2364"
},
{
"name": "USN-3653-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3653-2/"
},
{
"name": "RHSA-2018:2216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2216"
},
{
"name": "USN-3655-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"name": "RHSA-2018:1649",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1649"
},
{
"name": "RHSA-2018:2309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2309"
},
{
"name": "104232",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104232"
},
{
"name": "RHSA-2018:1653",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1653"
},
{
"name": "RHSA-2018:2171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2171"
},
{
"name": "RHSA-2018:1635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1635"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "RHSA-2018:2394",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"name": "RHSA-2018:1710",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1710"
},
{
"name": "RHSA-2018:1659",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1659"
},
{
"name": "RHSA-2018:1711",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1711"
},
{
"name": "DSA-4273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4273"
},
{
"name": "RHSA-2018:1738",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1738"
},
{
"name": "RHSA-2018:1674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1674"
},
{
"name": "RHSA-2018:3396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3396"
},
{
"name": "RHSA-2018:1667",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1667"
},
{
"name": "USN-3654-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"name": "RHSA-2018:1662",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1662"
},
{
"name": "RHSA-2018:1630",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1630"
},
{
"name": "RHSA-2018:1647",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1647"
},
{
"name": "RHSA-2018:1967",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1967"
},
{
"name": "USN-3655-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "RHSA-2018:3399",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3399"
},
{
"name": "RHSA-2018:2060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2060"
},
{
"name": "RHSA-2018:1690",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1690"
},
{
"name": "USN-3653-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3653-1/"
},
{
"name": "RHSA-2018:2161",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2161"
},
{
"name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
},
{
"name": "RHSA-2018:2328",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2328"
},
{
"name": "RHSA-2018:1648",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1648"
},
{
"name": "RHSA-2018:2387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"name": "RHSA-2019:0148",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0148"
},
{
"name": "RHSA-2018:1654",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1654"
},
{
"name": "USN-3679-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3679-1/"
},
{
"name": "USN-3777-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"name": "RHSA-2018:1642",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1642"
},
{
"name": "RHSA-2018:3397",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3397"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "USN-3756-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"name": "RHSA-2018:3398",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3398"
},
{
"name": "RHSA-2018:3400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3400"
},
{
"name": "RHSA-2018:2228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2228"
},
{
"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"name": "RHSA-2019:1046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1046"
},
{
"name": "openSUSE-SU-2019:1439",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
},
{
"name": "openSUSE-SU-2019:1438",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
},
{
"name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
},
{
"name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
},
{
"name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX235225"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_23"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-263.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
},
{
"name": "openSUSE-SU-2020:1325",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Multiple",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Multiple"
}
]
}
],
"datePublic": "2018-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-02T20:06:27",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "RHSA-2018:1689",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1689"
},
{
"name": "RHSA-2018:2162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2162"
},
{
"name": "RHSA-2018:1641",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1641"
},
{
"name": "USN-3680-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3680-1/"
},
{
"name": "RHSA-2018:1997",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1997"
},
{
"name": "RHSA-2018:1665",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1665"
},
{
"name": "RHSA-2018:3407",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3407"
},
{
"name": "RHSA-2018:2164",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"name": "RHSA-2018:2001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2001"
},
{
"name": "RHSA-2018:3423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3423"
},
{
"name": "RHSA-2018:2003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2003"
},
{
"name": "USN-3654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"name": "RHSA-2018:1645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1645"
},
{
"name": "RHSA-2018:1643",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1643"
},
{
"name": "RHSA-2018:1652",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1652"
},
{
"name": "RHSA-2018:3424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3424"
},
{
"name": "RHSA-2018:3402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3402"
},
{
"name": "TA18-141A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
},
{
"name": "RHSA-2018:1656",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1656"
},
{
"name": "RHSA-2018:1664",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1664"
},
{
"name": "RHSA-2018:2258",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2258"
},
{
"name": "RHSA-2018:1688",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1688"
},
{
"name": "RHSA-2018:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1658"
},
{
"name": "RHSA-2018:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1657"
},
{
"name": "RHSA-2018:2289",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2289"
},
{
"name": "RHSA-2018:1666",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1666"
},
{
"name": "1042004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042004"
},
{
"name": "RHSA-2018:1675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1675"
},
{
"name": "RHSA-2018:1660",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1660"
},
{
"name": "RHSA-2018:1965",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1965"
},
{
"name": "RHSA-2018:1661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1661"
},
{
"name": "RHSA-2018:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1633"
},
{
"name": "RHSA-2018:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1636"
},
{
"name": "RHSA-2018:1854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"name": "RHSA-2018:2006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2006"
},
{
"name": "RHSA-2018:2250",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2250"
},
{
"name": "1040949",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040949"
},
{
"name": "RHSA-2018:3401",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3401"
},
{
"name": "RHSA-2018:1737",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1737"
},
{
"name": "RHSA-2018:1826",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1826"
},
{
"name": "USN-3651-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3651-1/"
},
{
"name": "DSA-4210",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4210"
},
{
"name": "44695",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44695/"
},
{
"name": "RHSA-2018:1651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1651"
},
{
"name": "RHSA-2018:1638",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1638"
},
{
"name": "RHSA-2018:1696",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1696"
},
{
"name": "RHSA-2018:2246",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2246"
},
{
"name": "RHSA-2018:1644",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1644"
},
{
"name": "RHSA-2018:1646",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1646"
},
{
"name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"name": "RHSA-2018:1639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1639"
},
{
"name": "RHSA-2018:1668",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1668"
},
{
"name": "RHSA-2018:1637",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1637"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "VU#180049",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"name": "RHSA-2018:1686",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1686"
},
{
"name": "RHSA-2018:2172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2172"
},
{
"name": "RHSA-2018:1663",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1663"
},
{
"name": "USN-3652-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3652-1/"
},
{
"name": "RHSA-2018:1629",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1629"
},
{
"name": "RHSA-2018:1655",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1655"
},
{
"name": "RHSA-2018:1640",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1640"
},
{
"name": "RHSA-2018:1669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1669"
},
{
"name": "RHSA-2018:1676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1676"
},
{
"name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
},
{
"name": "RHSA-2018:3425",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3425"
},
{
"name": "RHSA-2018:2363",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2363"
},
{
"name": "RHSA-2018:1632",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1632"
},
{
"name": "RHSA-2018:1650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1650"
},
{
"name": "RHSA-2018:2396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"name": "RHSA-2018:2364",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2364"
},
{
"name": "USN-3653-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3653-2/"
},
{
"name": "RHSA-2018:2216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2216"
},
{
"name": "USN-3655-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"name": "RHSA-2018:1649",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1649"
},
{
"name": "RHSA-2018:2309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2309"
},
{
"name": "104232",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104232"
},
{
"name": "RHSA-2018:1653",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1653"
},
{
"name": "RHSA-2018:2171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2171"
},
{
"name": "RHSA-2018:1635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1635"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "RHSA-2018:2394",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"name": "RHSA-2018:1710",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1710"
},
{
"name": "RHSA-2018:1659",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1659"
},
{
"name": "RHSA-2018:1711",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1711"
},
{
"name": "DSA-4273",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4273"
},
{
"name": "RHSA-2018:1738",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1738"
},
{
"name": "RHSA-2018:1674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1674"
},
{
"name": "RHSA-2018:3396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3396"
},
{
"name": "RHSA-2018:1667",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1667"
},
{
"name": "USN-3654-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"name": "RHSA-2018:1662",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1662"
},
{
"name": "RHSA-2018:1630",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1630"
},
{
"name": "RHSA-2018:1647",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1647"
},
{
"name": "RHSA-2018:1967",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1967"
},
{
"name": "USN-3655-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "RHSA-2018:3399",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3399"
},
{
"name": "RHSA-2018:2060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2060"
},
{
"name": "RHSA-2018:1690",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1690"
},
{
"name": "USN-3653-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3653-1/"
},
{
"name": "RHSA-2018:2161",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2161"
},
{
"name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
},
{
"name": "RHSA-2018:2328",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2328"
},
{
"name": "RHSA-2018:1648",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1648"
},
{
"name": "RHSA-2018:2387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"name": "RHSA-2019:0148",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0148"
},
{
"name": "RHSA-2018:1654",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1654"
},
{
"name": "USN-3679-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3679-1/"
},
{
"name": "USN-3777-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"name": "RHSA-2018:1642",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1642"
},
{
"name": "RHSA-2018:3397",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3397"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "USN-3756-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"name": "RHSA-2018:3398",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3398"
},
{
"name": "RHSA-2018:3400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3400"
},
{
"name": "RHSA-2018:2228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2228"
},
{
"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"name": "RHSA-2019:1046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1046"
},
{
"name": "openSUSE-SU-2019:1439",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
},
{
"name": "openSUSE-SU-2019:1438",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
},
{
"name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
},
{
"name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
},
{
"name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX235225"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_23"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-263.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
},
{
"name": "openSUSE-SU-2020:1325",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-05-21T00:00:00",
"ID": "CVE-2018-3639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Multiple",
"version": {
"version_data": [
{
"version_value": "Multiple"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1689",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1689"
},
{
"name": "RHSA-2018:2162",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2162"
},
{
"name": "RHSA-2018:1641",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1641"
},
{
"name": "USN-3680-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3680-1/"
},
{
"name": "RHSA-2018:1997",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1997"
},
{
"name": "RHSA-2018:1665",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1665"
},
{
"name": "RHSA-2018:3407",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3407"
},
{
"name": "RHSA-2018:2164",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"name": "RHSA-2018:2001",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2001"
},
{
"name": "RHSA-2018:3423",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3423"
},
{
"name": "RHSA-2018:2003",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2003"
},
{
"name": "USN-3654-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"name": "RHSA-2018:1645",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1645"
},
{
"name": "RHSA-2018:1643",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1643"
},
{
"name": "RHSA-2018:1652",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1652"
},
{
"name": "RHSA-2018:3424",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3424"
},
{
"name": "RHSA-2018:3402",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3402"
},
{
"name": "TA18-141A",
"refsource": "CERT",
"url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
},
{
"name": "RHSA-2018:1656",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1656"
},
{
"name": "RHSA-2018:1664",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1664"
},
{
"name": "RHSA-2018:2258",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2258"
},
{
"name": "RHSA-2018:1688",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1688"
},
{
"name": "RHSA-2018:1658",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1658"
},
{
"name": "RHSA-2018:1657",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1657"
},
{
"name": "RHSA-2018:2289",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2289"
},
{
"name": "RHSA-2018:1666",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1666"
},
{
"name": "1042004",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042004"
},
{
"name": "RHSA-2018:1675",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1675"
},
{
"name": "RHSA-2018:1660",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1660"
},
{
"name": "RHSA-2018:1965",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1965"
},
{
"name": "RHSA-2018:1661",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1661"
},
{
"name": "RHSA-2018:1633",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1633"
},
{
"name": "RHSA-2018:1636",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1636"
},
{
"name": "RHSA-2018:1854",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"name": "RHSA-2018:2006",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2006"
},
{
"name": "RHSA-2018:2250",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2250"
},
{
"name": "1040949",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040949"
},
{
"name": "RHSA-2018:3401",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3401"
},
{
"name": "RHSA-2018:1737",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1737"
},
{
"name": "RHSA-2018:1826",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1826"
},
{
"name": "USN-3651-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3651-1/"
},
{
"name": "DSA-4210",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4210"
},
{
"name": "44695",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44695/"
},
{
"name": "RHSA-2018:1651",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1651"
},
{
"name": "RHSA-2018:1638",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1638"
},
{
"name": "RHSA-2018:1696",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1696"
},
{
"name": "RHSA-2018:2246",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2246"
},
{
"name": "RHSA-2018:1644",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1644"
},
{
"name": "RHSA-2018:1646",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1646"
},
{
"name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"name": "RHSA-2018:1639",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1639"
},
{
"name": "RHSA-2018:1668",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1668"
},
{
"name": "RHSA-2018:1637",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1637"
},
{
"name": "RHSA-2018:2948",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "VU#180049",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"name": "RHSA-2018:1686",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1686"
},
{
"name": "RHSA-2018:2172",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2172"
},
{
"name": "RHSA-2018:1663",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1663"
},
{
"name": "USN-3652-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3652-1/"
},
{
"name": "RHSA-2018:1629",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1629"
},
{
"name": "RHSA-2018:1655",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1655"
},
{
"name": "RHSA-2018:1640",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1640"
},
{
"name": "RHSA-2018:1669",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1669"
},
{
"name": "RHSA-2018:1676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1676"
},
{
"name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
},
{
"name": "RHSA-2018:3425",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3425"
},
{
"name": "RHSA-2018:2363",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2363"
},
{
"name": "RHSA-2018:1632",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1632"
},
{
"name": "RHSA-2018:1650",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1650"
},
{
"name": "RHSA-2018:2396",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"name": "RHSA-2018:2364",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2364"
},
{
"name": "USN-3653-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3653-2/"
},
{
"name": "RHSA-2018:2216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2216"
},
{
"name": "USN-3655-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"name": "RHSA-2018:1649",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1649"
},
{
"name": "RHSA-2018:2309",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2309"
},
{
"name": "104232",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104232"
},
{
"name": "RHSA-2018:1653",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1653"
},
{
"name": "RHSA-2018:2171",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2171"
},
{
"name": "RHSA-2018:1635",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1635"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "RHSA-2018:2394",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"name": "RHSA-2018:1710",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1710"
},
{
"name": "RHSA-2018:1659",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1659"
},
{
"name": "RHSA-2018:1711",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1711"
},
{
"name": "DSA-4273",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4273"
},
{
"name": "RHSA-2018:1738",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1738"
},
{
"name": "RHSA-2018:1674",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1674"
},
{
"name": "RHSA-2018:3396",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3396"
},
{
"name": "RHSA-2018:1667",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1667"
},
{
"name": "USN-3654-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"name": "RHSA-2018:1662",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1662"
},
{
"name": "RHSA-2018:1630",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1630"
},
{
"name": "RHSA-2018:1647",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1647"
},
{
"name": "RHSA-2018:1967",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1967"
},
{
"name": "USN-3655-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "RHSA-2018:3399",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3399"
},
{
"name": "RHSA-2018:2060",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2060"
},
{
"name": "RHSA-2018:1690",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1690"
},
{
"name": "USN-3653-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3653-1/"
},
{
"name": "RHSA-2018:2161",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2161"
},
{
"name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
},
{
"name": "RHSA-2018:2328",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2328"
},
{
"name": "RHSA-2018:1648",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1648"
},
{
"name": "RHSA-2018:2387",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"name": "RHSA-2019:0148",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0148"
},
{
"name": "RHSA-2018:1654",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1654"
},
{
"name": "USN-3679-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3679-1/"
},
{
"name": "USN-3777-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"name": "RHSA-2018:1642",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1642"
},
{
"name": "RHSA-2018:3397",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3397"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "USN-3756-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"name": "RHSA-2018:3398",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3398"
},
{
"name": "RHSA-2018:3400",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3400"
},
{
"name": "RHSA-2018:2228",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2228"
},
{
"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"name": "RHSA-2019:1046",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1046"
},
{
"name": "openSUSE-SU-2019:1439",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
},
{
"name": "openSUSE-SU-2019:1438",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
},
{
"name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
},
{
"name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
},
{
"name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
},
{
"name": "http://support.lenovo.com/us/en/solutions/LEN-22133",
"refsource": "CONFIRM",
"url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
},
{
"name": "https://support.citrix.com/article/CTX235225",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX235225"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_23",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_23"
},
{
"name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
"refsource": "CONFIRM",
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"name": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html",
"refsource": "CONFIRM",
"url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-263.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-263.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006",
"refsource": "CONFIRM",
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180521-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
},
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"name": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html",
"refsource": "CONFIRM",
"url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
},
{
"name": "openSUSE-SU-2020:1325",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-3639",
"datePublished": "2018-05-22T12:00:00Z",
"dateReserved": "2017-12-28T00:00:00",
"dateUpdated": "2024-09-16T22:55:27.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34127
Vulnerability from cvelistv5
Published
2023-07-13 00:47
Modified
2024-08-02 16:01
Severity ?
EPSS score ?
Summary
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-12T23:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T00:47:58.798Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34127",
"datePublished": "2023-07-13T00:47:58.798Z",
"dateReserved": "2023-05-25T22:45:46.851Z",
"dateUpdated": "2024-08-02T16:01:53.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34130
Vulnerability from cvelistv5
Published
2023-07-13 01:06
Modified
2024-10-30 19:55
Severity ?
EPSS score ?
Summary
SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T19:55:20.321751Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T19:55:38.482Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-12T23:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T01:06:27.492Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34130",
"datePublished": "2023-07-13T01:06:27.492Z",
"dateReserved": "2023-05-25T22:45:46.851Z",
"dateUpdated": "2024-10-30T19:55:38.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34135
Vulnerability from cvelistv5
Published
2023-07-13 02:37
Modified
2024-10-30 18:52
Severity ?
EPSS score ?
Summary
Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated attacker to read arbitrary files from the underlying file system via web service. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T18:51:59.978476Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T18:52:08.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-13T02:40:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated attacker to read arbitrary files from the underlying file system via web service. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated attacker to read arbitrary files from the underlying file system via web service. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "CWE-36 Absolute Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T02:37:59.279Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34135",
"datePublished": "2023-07-13T02:37:59.279Z",
"dateReserved": "2023-05-25T22:45:46.852Z",
"dateUpdated": "2024-10-30T18:52:08.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34129
Vulnerability from cvelistv5
Published
2023-07-13 01:03
Modified
2024-10-30 18:53
Severity ?
EPSS score ?
Summary
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in SonicWall GMS and Analytics allows an authenticated remote attacker to traverse the directory and extract arbitrary files using Zip Slip method to any location on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34129",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T18:52:57.463645Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T18:53:10.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-12T23:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability in SonicWall GMS and Analytics allows an authenticated remote attacker to traverse the directory and extract arbitrary files using Zip Slip method to any location on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability in SonicWall GMS and Analytics allows an authenticated remote attacker to traverse the directory and extract arbitrary files using Zip Slip method to any location on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T01:03:51.894Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34129",
"datePublished": "2023-07-13T01:03:51.894Z",
"dateReserved": "2023-05-25T22:45:46.851Z",
"dateUpdated": "2024-10-30T18:53:10.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34133
Vulnerability from cvelistv5
Published
2023-07-13 02:28
Modified
2024-08-02 16:01
Severity ?
EPSS score ?
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-13T02:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T02:28:35.751Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34133",
"datePublished": "2023-07-13T02:28:35.751Z",
"dateReserved": "2023-05-25T22:45:46.852Z",
"dateUpdated": "2024-08-02T16:01:54.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34136
Vulnerability from cvelistv5
Published
2023-07-13 02:40
Modified
2024-10-30 18:50
Severity ?
EPSS score ?
Summary
Vulnerability in SonicWall GMS and Analytics allows unauthenticated attacker to upload files to a restricted location not controlled by the attacker. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T18:50:17.908815Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T18:50:27.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-13T02:40:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vulnerability in SonicWall GMS and Analytics allows unauthenticated attacker to upload files to a restricted location not controlled by the attacker. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"value": "Vulnerability in SonicWall GMS and Analytics allows unauthenticated attacker to upload files to a restricted location not controlled by the attacker. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T02:40:20.667Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34136",
"datePublished": "2023-07-13T02:40:20.667Z",
"dateReserved": "2023-05-25T22:45:46.852Z",
"dateUpdated": "2024-10-30T18:50:27.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-5691
Vulnerability from cvelistv5
Published
2018-01-14 04:00
Modified
2024-08-05 05:40
Severity ?
EPSS score ?
Summary
SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.vulnerability-lab.com/get_content.php?id=1819 | x_refsource_MISC | |
| http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867 | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0003 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:51.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vulnerability-lab.com/get_content.php?id=1819"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vulnerability-lab.com/get_content.php?id=1819"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0003"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-5691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vulnerability-lab.com/get_content.php?id=1819",
"refsource": "MISC",
"url": "https://www.vulnerability-lab.com/get_content.php?id=1819"
},
{
"name": "http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867",
"refsource": "MISC",
"url": "http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0003",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0003"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-5691",
"datePublished": "2018-01-14T04:00:00",
"dateReserved": "2018-01-13T00:00:00",
"dateUpdated": "2024-08-05T05:40:51.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34137
Vulnerability from cvelistv5
Published
2023-07-13 02:43
Modified
2024-10-30 18:49
Severity ?
EPSS score ?
Summary
SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | vendor-advisory | |
| https://www.sonicwall.com/support/notices/230710150218060 | related |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T18:49:13.419958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T18:49:22.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-13T02:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305: Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T02:43:08.405Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34137",
"datePublished": "2023-07-13T02:43:08.405Z",
"dateReserved": "2023-05-25T22:45:46.852Z",
"dateUpdated": "2024-10-30T18:49:22.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-07-13 02:15
Modified
2024-11-21 08:06
Severity ?
Summary
SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"id": "CVE-2023-34130",
"lastModified": "2024-11-21T08:06:36.660",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T02:15:09.363",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-11 17:15
Modified
2024-11-21 01:49
Severity ?
Summary
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analyzer | 7.0 | |
| sonicwall | global_management_system | 4.1 | |
| sonicwall | global_management_system | 5.0 | |
| sonicwall | global_management_system | 5.1 | |
| sonicwall | global_management_system | 6.0 | |
| sonicwall | global_management_system | 7.0 | |
| sonicwall | universal_management_appliance | 5.1 | |
| sonicwall | universal_management_appliance | 6.0 | |
| sonicwall | universal_management_appliance | 7.0 | |
| sonicwall | viewpoint | 4.1 | |
| sonicwall | viewpoint | 5.0 | |
| sonicwall | viewpoint | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9ABA5C-59AF-496A-B22E-0C88892EC8FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3627733D-E0CD-4E00-8D36-AB4EF784977C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60563570-4865-4D8B-9E24-A371CABE1BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EFEF89-357C-4EC2-B6A3-C803E64A2227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE35F845-3A01-4974-BD7C-88CBE759830D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF95BB8-DF0B-4131-8A89-82DE559CC09B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:universal_management_appliance:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC115CB-0F22-47C8-86F3-9990058896FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:universal_management_appliance:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "160BD653-09A8-4939-9A5D-8EED7B5B4D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:universal_management_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "747153CA-2225-40A3-9C21-E9E62C24892B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:viewpoint:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE97B72B-31B2-4E2D-99EE-81A1C645CDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:viewpoint:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28C845AC-8B12-4147-A5D7-9D5E4C7953EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:viewpoint:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1589B409-1AF8-4789-90C3-6E1DFA14677E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Omisi\u00f3n de Autenticaci\u00f3n en DELL SonicWALL Analyzer versi\u00f3n 7.0, Global Management System (GMS) versiones 4.1, 5.0, 5.1, 6.0 y 7.0; Universal Management Appliance (UMA) versiones 5.1, 6.0 y 7.0 y ViewPoint versiones 4.1, 5.0, 5.1 y 6.0 por medio del par\u00e1metro skipSessionCheck en la interfaz UMA (/appliance/), lo que podr\u00eda permitir a un usuario malicioso remoto obtener acceso a la cuenta root."
}
],
"id": "CVE-2013-1359",
"lastModified": "2024-11-21T01:49:25.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T17:15:11.593",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/24204"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/24322"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57445"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028007"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81367"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/author/7547/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2013/Jan/125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/24204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/24322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/author/7547/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2013/Jan/125"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 01:15
Modified
2024-11-21 08:06
Severity ?
Summary
Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"id": "CVE-2023-34128",
"lastModified": "2024-11-21T08:06:36.417",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T01:15:08.950",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-260"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-10 07:15
Modified
2024-11-21 05:45
Severity ?
Summary
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | global_management_system | 9.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9DA0AC-1F4D-40E8-9C54-D583AE09F57C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en SonicWall GMS versi\u00f3n 9.3, permite a un atacante remoto no autenticado escalar localmente privilegios a root"
}
],
"id": "CVE-2021-20020",
"lastModified": "2024-11-21T05:45:47.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-10T07:15:10.503",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0009"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-09 16:36
Modified
2024-11-21 02:00
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analyzer | 7.0 | |
| sonicwall | analyzer | 7.1 | |
| sonicwall | analyzer | 7.1 | |
| sonicwall | global_management_system | 7.0 | |
| sonicwall | global_management_system | 7.1 | |
| sonicwall | global_management_system | 7.1 | |
| sonicwall | uma_e5000_firmware | 7.0 | |
| sonicwall | uma_e5000_firmware | 7.1 | |
| sonicwall | uma_e5000_firmware | 7.1 | |
| sonicwall | uma_e5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9ABA5C-59AF-496A-B22E-0C88892EC8FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8078DCDB-FC88-41C8-BE14-688B5F4911E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "19E54EA9-F9F8-47FA-9F31-C05C2AE59539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF95BB8-DF0B-4131-8A89-82DE559CC09B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF555F86-D3E0-4763-9E9A-C26D5C986FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "418595FE-EBFA-4B1D-A479-171BBD56279A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:uma_e5000_firmware:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907AFD7C-F904-47AC-937E-4CCDB5E4CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:uma_e5000_firmware:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93D89B14-232D-4112-94B7-7757A3BBDD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:uma_e5000_firmware:7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "66B20FAD-1131-4C68-BA4D-8B1A20C1DF91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:uma_e5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F6C2F1-8C1A-4BAD-8F49-464258B09354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades XSS en ematStaticAlertTypes.jsp en la secci\u00f3n de ajustes de alertas en Dell SonicWALL Global Management System (GMS), Analyzer, y UMA EM5000 7.1 SP1 anterior al Hotfix 134235 permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML arbitrarias a trav\u00e9s de los par\u00e1metros (1) valfield_1 o (2) value_1 a createNewThreshold.jsp."
}
],
"evaluatorComment": "Per: http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf\n\n\"Affected Products\nDell SonicWALL GMS\nDell SonicWALL Analyzer\nDell SonicWALL UMA E5000\n\nAffected Software Versions\nVersion\n7.x\"",
"id": "CVE-2013-7025",
"lastModified": "2024-11-21T02:00:11.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-12-09T16:36:50.723",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/100610"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2013/Dec/32"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55923"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/30054"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64103"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029433"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.vulnerability-lab.com/get_content.php?id=1099"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/100610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2013/Dec/32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/30054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.vulnerability-lab.com/get_content.php?id=1099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89462"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 01:15
Modified
2024-11-21 08:06
Severity ?
Summary
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"id": "CVE-2023-34127",
"lastModified": "2024-11-21T08:06:36.273",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T01:15:08.893",
"references": [
{
"source": "PSIRT@sonicwall.com",
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-29 21:15
Modified
2024-11-21 06:46
Severity ?
Summary
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:on-prem:*:*:*",
"matchCriteriaId": "C7FFD1D8-11E9-4208-840E-33090DF70E75",
"versionEndIncluding": "2.5.0.3-2520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B04B0EA0-DE37-495D-9417-8FAF48F1A064",
"versionEndExcluding": "9.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "215C71C7-2CA8-4017-AF17-995002FF3100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions."
},
{
"lang": "es",
"value": "Una Neutralizaci\u00f3n Inadecuada de Elementos Especiales usados en un Comando SQL conllevando a una vulnerabilidad de inyecci\u00f3n SQL no autenticada, que afecta a SonicWall GMS versi\u00f3n 9.3.1-SP2-Hotfix1, Analytics On-Prem versiones 2.5.0.3-2520 y anteriores"
}
],
"id": "CVE-2022-22280",
"lastModified": "2024-11-21T06:46:33.137",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-29T21:15:09.470",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 03:15
Modified
2024-11-21 08:06
Severity ?
Summary
Vulnerability in SonicWall GMS and Analytics allows unauthenticated attacker to upload files to a restricted location not controlled by the attacker. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in SonicWall GMS and Analytics allows unauthenticated attacker to upload files to a restricted location not controlled by the attacker. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"id": "CVE-2023-34136",
"lastModified": "2024-11-21T08:06:37.423",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T03:15:09.770",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 01:15
Modified
2024-11-21 08:06
Severity ?
Summary
Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"id": "CVE-2023-34125",
"lastModified": "2024-11-21T08:06:35.997",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T01:15:08.783",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-27"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 03:15
Modified
2024-11-21 08:06
Severity ?
Summary
Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated attacker to read arbitrary files from the underlying file system via web service. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated attacker to read arbitrary files from the underlying file system via web service. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"id": "CVE-2023-34135",
"lastModified": "2024-11-21T08:06:37.283",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T03:15:09.707",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-36"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 01:15
Modified
2024-11-21 08:06
Severity ?
Summary
Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"id": "CVE-2023-34126",
"lastModified": "2024-11-21T08:06:36.143",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T01:15:08.837",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-24 14:55
Modified
2024-11-21 02:11
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analyzer | * | |
| sonicwall | global_management_system | * | |
| sonicwall | uma_em5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB379556-F957-439C-8644-DFD96C9BBE8D",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8DADDE6-6E5A-4C12-8B37-C9A173B05481",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sonicwall:uma_em5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23315AEF-29C1-4A58-A933-2A4305123D7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en sgms/panelManager en Dell SonicWALL GMS, Analyzer y UMA anterior a 7.2 SP1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrario a trav\u00e9s del par\u00e1metro node_id."
}
],
"id": "CVE-2014-5024",
"lastModified": "2024-11-21T02:11:18.413",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-07-24T14:55:09.910",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/125"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60287"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/68829"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.software.dell.com/product-notification/128245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/68829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.software.dell.com/product-notification/128245"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-22 12:29
Modified
2024-11-21 04:05
Severity ?
Summary
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*",
"matchCriteriaId": "CD028C10-FD07-4206-A732-CCAC1B6D043D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*",
"matchCriteriaId": "A93010C0-33B3-438F-94F6-8DA7A9D7B451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*",
"matchCriteriaId": "2A988A78-6B3D-4599-A85C-42B4A294D86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7C5EF4-3A92-4AF7-9B11-62B4FFDC5128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*",
"matchCriteriaId": "246AA1B0-B6C8-406B-817D-26113DC63858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*",
"matchCriteriaId": "00EE5B42-FF05-447C-BACC-0E650E773E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*",
"matchCriteriaId": "B0779CC9-BD39-4E0B-B523-A6C69F9EBB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F0E3C4-7E9B-435F-907E-4BF4F12AF314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*",
"matchCriteriaId": "5D616C72-0863-478C-9E87-3963C83B87E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*",
"matchCriteriaId": "CC333B0D-3A0E-4629-8016-68C060343874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*",
"matchCriteriaId": "6655535C-FF64-4F9E-8168-253AABCC4F5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EDEA1E-9A19-4B3F-806E-D770D1AB4C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD68F3F-7E38-40B9-A20B-B9BB45E8D042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*",
"matchCriteriaId": "1EACEF19-83BC-4579-9274-BE367F914432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC73291-AA6F-40B0-860A-1F2E6AB1E2AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*",
"matchCriteriaId": "24128A7F-2B0B-4923-BA9E-9F5093D29423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3805:*:*:*:*:*:*:*",
"matchCriteriaId": "0990DD71-9E83-499D-9DAF-A466CF896CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3815:*:*:*:*:*:*:*",
"matchCriteriaId": "9B7FEDEF-9772-4FB1-9261-020487A795AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3825:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B0F72-DEDF-40C4-887C-83725C52C92E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3826:*:*:*:*:*:*:*",
"matchCriteriaId": "9568C222-9816-4520-B01C-C1DC2A79002D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3827:*:*:*:*:*:*:*",
"matchCriteriaId": "4B2F8FAD-1688-4369-BB4B-9FA9F30A80A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3845:*:*:*:*:*:*:*",
"matchCriteriaId": "53A1F23D-7226-4479-B51F-36376CC80B04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*",
"matchCriteriaId": "454AC633-5F1C-47BB-8FA7-91A5C29A1DD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2394E8C-58D9-480B-87A7-A41CD7697FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9AC02B-D3AE-4FAF-836E-55515186A462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2420:*:*:*:*:*:*:*",
"matchCriteriaId": "65AAC7A7-77CA-4C6C-BD96-92A253512F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2460:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD16C07-0050-495A-8722-7AC46F5920F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2480:*:*:*:*:*:*:*",
"matchCriteriaId": "01423706-C82C-4457-9638-1A2380DE3826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2520:*:*:*:*:*:*:*",
"matchCriteriaId": "A881E2D3-A668-465F-862B-F8C145BD5E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2560:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5B9B98-0EF0-4ACD-B378-F9DE5AB36CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2580:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDC6806-E4FC-4A6E-A6BB-88C18E47ABFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2760:*:*:*:*:*:*:*",
"matchCriteriaId": "6602DD69-E59A-417D-B19F-CA16B01E652C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3460:*:*:*:*:*:*:*",
"matchCriteriaId": "05C493EE-EF9F-47E2-8F88-86DF6C5F1FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3480:*:*:*:*:*:*:*",
"matchCriteriaId": "40010DAE-DD1A-4A81-B6E9-EDC1B0DDCAB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3530:*:*:*:*:*:*:*",
"matchCriteriaId": "ED96AC16-12CC-43F6-ACC8-009A06CDD8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3560:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE9DC29-C192-4553-AF29-D39290976F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3570:*:*:*:*:*:*:*",
"matchCriteriaId": "F625E647-B47E-404C-9C5B-72F3EB1C46F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3580:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AF3279-89E7-4C91-8C5F-5AD5937CD0C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3590:*:*:*:*:*:*:*",
"matchCriteriaId": "B5878612-9825-4737-85A5-8227BA97CBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3735d:*:*:*:*:*:*:*",
"matchCriteriaId": "F453D348-28CE-402B-9D40-A29436A24ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3735e:*:*:*:*:*:*:*",
"matchCriteriaId": "36322F4B-83D7-468A-BB34-1C03729E9BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3735f:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD22811-C3C6-4B5E-98D5-D3F2240E6C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3735g:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C7D0BA-8F07-42AD-8BB9-C65472BE41C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3736f:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A2A50E-94FA-44E9-A45D-3016750CFBDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3736g:*:*:*:*:*:*:*",
"matchCriteriaId": "5625CAD8-4A62-4747-B6D9-90E56F09B731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3740:*:*:*:*:*:*:*",
"matchCriteriaId": "43A234CE-D6AA-4A32-8425-1A4DDA0F6B6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3740d:*:*:*:*:*:*:*",
"matchCriteriaId": "78DE1A01-3AEF-41E6-97EE-CB93429C4A1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3745:*:*:*:*:*:*:*",
"matchCriteriaId": "410184AF-B932-4AC9-984F-73FD58BB4CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3745d:*:*:*:*:*:*:*",
"matchCriteriaId": "B265F073-9E0A-4CA0-8296-AB52DEB1C323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3770:*:*:*:*:*:*:*",
"matchCriteriaId": "3F664223-1CBC-4D8A-921B-F03AACA6672B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3770d:*:*:*:*:*:*:*",
"matchCriteriaId": "987A8470-08BA-45DE-8EC0-CD2B4451EECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3775:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBC9542-FB77-4769-BF67-D42829703920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3775d:*:*:*:*:*:*:*",
"matchCriteriaId": "74FDC18B-4662-422E-A86A-48FE821C056F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3785:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB4AA2C-D1D9-44D8-9471-66EBDE9DC66D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3795:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA3E7AE-CB74-48A8-A2B8-9FCADB6E40D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*",
"matchCriteriaId": "723E7155-493D-4B5A-99E2-AB261838190E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*",
"matchCriteriaId": "82E37264-E4BA-4D9D-92E7-56DE6B5F918F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*",
"matchCriteriaId": "8704BE6D-2857-4328-9298-E0273376F2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*",
"matchCriteriaId": "C1289B9E-5725-42EF-8848-F545421A29E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:32nm:*:*:*:*:*:*:*",
"matchCriteriaId": "50287A9B-366F-41F2-BEBD-D4C64EF93035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:45nm:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB79F2F-5522-45D3-A1D1-DC2F5A016D99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:32nm:*:*:*:*:*:*:*",
"matchCriteriaId": "9749C2B0-B919-4172-A2AD-04C99A479F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:45nm:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1F45A1-A17D-4895-8A71-00010C7E55D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:32nm:*:*:*:*:*:*:*",
"matchCriteriaId": "D46BF41F-C44C-4D87-862E-0D156A2298DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:45nm:*:*:*:*:*:*:*",
"matchCriteriaId": "5927D78A-EE05-4246-A141-4A8815AB228B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:32nm:*:*:*:*:*:*:*",
"matchCriteriaId": "579FC479-DEA0-415D-8E8F-18A81A85A471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:45nm:*:*:*:*:*:*:*",
"matchCriteriaId": "CEECAA34-57F4-4B01-857C-C8454E1EDCAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium:n4000:*:*:*:*:*:*:*",
"matchCriteriaId": "967252A4-EC1F-4B31-97B8-8D25A3D82070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium:n4100:*:*:*:*:*:*:*",
"matchCriteriaId": "3205757B-07DB-4115-B3E0-4DF9D0EA2061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium:n4200:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF8ABFA-BBFD-42F5-9769-00F8CD67F7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_j:j4205:*:*:*:*:*:*:*",
"matchCriteriaId": "88AF1366-8A14-4741-8146-886C31D8D347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver:j5005:*:*:*:*:*:*:*",
"matchCriteriaId": "7AEAA43A-4D97-4E13-82E1-895F3B368B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver:n5000:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6BAE0B-103D-430E-BAE9-429881620DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2832E8BF-7AC7-444C-B297-66F770860571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:125c_:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D0A534-1749-4ED3-8F18-BF826D84EB56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1220_:*:*:*:*:*:*:*",
"matchCriteriaId": "B581515E-29CC-462F-BB10-4EA6DE2D6637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1275_:*:*:*:*:*:*:*",
"matchCriteriaId": "036D395E-AFE8-4D61-91CC-E9B3CD8B6380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*",
"matchCriteriaId": "44AA72FB-E78D-419E-AA82-B0538C6504D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "687C3BF3-D71A-49AD-8A05-EAC07CBCD949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "90AF90D9-16C4-4F8A-9868-3E2823E3445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*",
"matchCriteriaId": "3C063C53-8970-45B1-85F8-FB2080BF4695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "64596ED7-794A-4D23-987B-D9AD59D48EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E52BA6-2F2F-4CD2-A601-5B0ADDE5E23F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "3FDA48F0-0F35-4A8F-8117-B0B28E00AB95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "A561A8E8-79E2-4071-B57D-590C22EF86A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "92E46658-60AB-4758-9236-3AC0E6464383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "207B8FBA-E2FF-485A-9AD9-E604AE0FB903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "33F99640-C753-40BE-A0A1-4C2D92E7DB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:3600:*:*:*:*:*:*:*",
"matchCriteriaId": "36609915-9E0D-4204-B544-4832E1195BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:5600:*:*:*:*:*:*:*",
"matchCriteriaId": "3612AC78-4904-4830-85DF-38A38F617379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:7500:*:*:*:*:*:*:*",
"matchCriteriaId": "B79CC0FA-3DA1-4812-8E73-B0FF0752E31E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e5502:*:*:*:*:*:*:*",
"matchCriteriaId": "D12F3759-48D2-4208-AD5B-3AC8B012D061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e5503:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C61D9B-2733-4A67-9D6A-2290123C0405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e5504:*:*:*:*:*:*:*",
"matchCriteriaId": "44C3C383-6927-44AD-9488-8B916D5959ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e5506:*:*:*:*:*:*:*",
"matchCriteriaId": "7FC1E41C-7A17-42B7-936D-09A236D9C4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e5507:*:*:*:*:*:*:*",
"matchCriteriaId": "E814CB3E-4542-4E3E-91E8-D97EA17C0B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e5520:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD43D7C-932B-463F-8EB2-3A115FBED4BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e5530:*:*:*:*:*:*:*",
"matchCriteriaId": "9CCD70F8-D81D-467B-8042-5D3B9AC513E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e5540:*:*:*:*:*:*:*",
"matchCriteriaId": "D05C68D0-4771-4338-9761-6428195F0318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e6510:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FC2878-389F-4687-8377-E192A1C519BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e6540:*:*:*:*:*:*:*",
"matchCriteriaId": "4B24CEBE-51B1-4EC5-8770-BFDB0625193A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:e6550:*:*:*:*:*:*:*",
"matchCriteriaId": "61BD85A8-39D9-4248-96FE-CAEF4BC7CD44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:l3403:*:*:*:*:*:*:*",
"matchCriteriaId": "8320D28B-B10D-47AE-9B65-51304F93F9AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:l3406:*:*:*:*:*:*:*",
"matchCriteriaId": "35AD843A-EBB1-42BE-A305-595C23881404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:l3426:*:*:*:*:*:*:*",
"matchCriteriaId": "0D457B8B-50A6-411C-8528-96915B697C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:l5506:*:*:*:*:*:*:*",
"matchCriteriaId": "3934C421-BD11-4174-83F4-3E20176F03F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:l5508_:*:*:*:*:*:*:*",
"matchCriteriaId": "45EE1BA7-5356-4421-9CF2-48DA09EBAE3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:l5518_:*:*:*:*:*:*:*",
"matchCriteriaId": "92FE452A-EE8B-4ACE-96B1-B6BD81FAC9B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:l5520:*:*:*:*:*:*:*",
"matchCriteriaId": "47195FE7-3692-42C4-B29E-679A6FE0E220",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:l5530:*:*:*:*:*:*:*",
"matchCriteriaId": "C033BBFA-67F4-4F24-A042-FF996B327976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:w5580:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF7A770-3E90-4466-8595-8E523D82BC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:w5590:*:*:*:*:*:*:*",
"matchCriteriaId": "FA7922C0-AB84-4331-BE8F-71A0D95D4F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:x3430:*:*:*:*:*:*:*",
"matchCriteriaId": "648CB034-89BF-48FF-A3BF-C84C08FE09E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:x3440:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7DC164-65FF-483A-AD69-3E23E449E52C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:x3450:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3DCB95-5139-44C6-8151-8CEFD37F9DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:x3460:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5FEA46-49A2-4082-98D2-56E698A56909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:x3470:*:*:*:*:*:*:*",
"matchCriteriaId": "0B85D7F3-1FA5-4FE1-AAFF-CEE8DF822CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:x3480:*:*:*:*:*:*:*",
"matchCriteriaId": "80607FEB-8908-40F6-B702-FD56D849E2D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:x5550:*:*:*:*:*:*:*",
"matchCriteriaId": "97F20575-82C0-466D-8FDD-AAC034247D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:x5560:*:*:*:*:*:*:*",
"matchCriteriaId": "648E21A8-6B5F-4C97-A71A-44B97DBB4FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:x5570:*:*:*:*:*:*:*",
"matchCriteriaId": "172EA906-A08F-4D2A-9814-937C07F77C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1105c_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1EC6D3-01CD-4CAB-817D-AE2E72FD0D03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1125c_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDBA35BD-1048-4B6E-96B2-1CFF615EB49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "979FEE9F-A957-43B6-BB6D-1A851D6FA11C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7AF59D-D05E-47F9-B493-B5CD6781FDDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF7EC93-0170-45A9-86C7-5460320B2AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A7B1C2-D2CE-485A-9376-27E14F3FA05A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_12201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F803AC-DCC7-43FC-BEB3-AA7984E0506C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_12201_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "560993AA-299D-42B7-B77F-1BD0D2114CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C582B1C-1DAC-48FD-82DD-7334C10A2175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7862B0C-2C44-4110-A62A-083116129612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "048C5996-F719-4338-B148-0DD1C13E02FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0196DA2F-CFA7-44D0-BDF5-37C7403E3B9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9FF7FB-AB5A-4549-8C15-E69458C649E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEF6608-B650-4C77-9823-0AD57B3484F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1226_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE6A2D7-901C-45F9-B487-D674047D522E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFCAC5E-6CF1-4EC1-A24C-688DD1016A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADCB509-5B0E-4592-8B23-EC25A3F79D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB51691F-089F-4016-B25E-238074B06C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBAAC728-6A0F-4675-9677-AAF7DD5D38ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB3BFEFD-3D0D-48B0-A5AE-6F3C2D791CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7E1AFD-9BCE-4487-A8DE-F9C60529CA7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1231_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA37503-FD3D-4220-933C-234631D6EDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1235:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72992831-2A76-456B-A80C-944BDD8591E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79C2131-5566-4CC2-B6ED-38E3F6964500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60BFDAA6-3DFC-4908-BC33-B05BAB462F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6266056-770A-4E2D-A4FC-F1475257648E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "929AA8F3-8BDF-4614-9806-6D4231735616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "605D7552-8184-4B11-96FD-FE501A6C97DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3144BBDE-CC96-4408-AA02-ECC3BF902A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8BA77A-34E3-4B9E-822A-7B7A90D35790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7165B43-ED22-4714-8FA4-1E201D1BFA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1241_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CFB133-FAF0-431A-9765-8A9738D6D87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2975B0F2-DB7C-4257-985A-482ED2725883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70221E07-3C2E-4A82-8259-AD583EB5CDDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "427DFD78-56CD-43C4-948E-F53AF9D669F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E6F5F-6B82-43D9-BD6E-D22F9B991DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75AD7649-3FEA-4971-9886-6C9312B937A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1246_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4EE972C-6BAE-4342-BA01-1D685487F9C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1258l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27CDFE3B-C064-49A9-BD43-3F7612257A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1260l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD0EEC1-D695-41A5-8CD6-9E987A547CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C35AA9AC-28B3-49C2-A9B5-5D26DFEDB723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1265l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBF25B8-D474-4C6B-8E45-F57DDC7074E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1265l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF18FD1-6670-4C3C-8000-A079C69D575E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1265l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D760EEAF-5CF5-4F25-8FA2-D4F75F4F5A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1268l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "921EB5A5-F911-4FCE-A6F1-C66818B34678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13878C13-1C7C-4B83-AF27-4998E8F659DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "023063E1-2DD7-487C-A8A7-939FAEE666A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77255CE6-D7B7-4B48-993C-7100A1170BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40AC368-3A14-4EFF-A8D0-7EFB4C83045D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3472AA7B-C0CF-4D65-8A6C-B1D52D27F0CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C07E80D5-70A5-49C9-9044-D683C7ECCFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1271_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63668AF4-F29C-4424-8EC5-2F0A5950DD58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C1C7CD-538D-4D7A-A81C-10DF5376A479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5922F749-2B23-44B8-8A46-F31BCAEAD279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C48BBAF-6B27-43D6-B86B-40CD8E7BA056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D75D0EEB-707C-4C86-A569-E91E9F00BA77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FB0E20-0243-40A1-8DEF-37150791222E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1276_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CFF26D-8AD3-4179-9E4C-F06D7C858C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1278l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7541572C-229F-4963-B7F0-06EB3323E53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DE669C-27FD-4196-8B8C-1DA4EE4C1D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479F7C77-D16F-4E40-9026-3EB8422E0401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A242AC2-9AA6-43FD-90F4-5BF6E80DBB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04DB08C8-0018-4A8E-A206-097BDDF83B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7193E85-30BE-42D5-A26B-3F88817F3574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1281_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "446E8515-45FC-4B8B-8D12-60643D64C07F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBBDF6B2-D388-4639-87D8-064AA3F6B6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB8B6-B614-4EAA-BA90-C5326CB5D07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A371DF9-E224-404F-99C2-C2A4607E62D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F40E356-365D-44B7-8C38-A0C89DDD6D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3132029-89F8-4359-A0DC-A275785266A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1286_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B02F5685-0636-48AB-B222-434CA1F3B336",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1286l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E51FDD60-88E5-4A86-BB8E-4C2D7EDEFA03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1290:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED4693C-DECF-4434-90C0-56158F102E7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1290_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB408A6B-0842-43DA-9180-B0A299FCBCE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6215EBAC-7C75-4647-9970-482120897F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3357FCAC-B6C4-4E3E-A40B-AB5084A7F9B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1BD2B6-1AF6-4AD4-94FA-94B453A21908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D1FD6E8-80EC-461F-9ED1-CE5912399E80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E96F585E-BDEF-45EE-B0AB-94FE23753AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2650l_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "3279C067-3058-4D46-A739-05404FD0E9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658:*:*:*:*:*:*:*",
"matchCriteriaId": "DB4DF0A7-8BC2-48AE-9036-FED6EEC57DF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0855225-F501-486A-BD03-2A86FD252B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "214C7B0C-C438-4000-9F9B-6D83294243AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C91AA2E-4BB2-49C8-9364-4E363DF42CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658a_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA26781F-5A1C-4DA5-835E-D984D697F22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2660:*:*:*:*:*:*:*",
"matchCriteriaId": "2EEA4222-F25D-4457-80AA-6D05CA918D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2660_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3E60D1-5CF9-4F96-9EDB-D87F8CF57272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2660_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D321BC-6B1D-4C71-8E16-5A1319CEFD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2660_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "6777AC35-9D1F-4153-94AC-B25627D730E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2665:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F063F4-8994-4E46-BA7B-A12A112009BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2667:*:*:*:*:*:*:*",
"matchCriteriaId": "4D6F2DE5-AF11-439A-8D37-30CB882ECD58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2667_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "E213DD86-5419-42C8-BF38-7795DDB3C582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2667_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "A972291E-5231-439D-873B-2F87BCAF800A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2667_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C089CC54-3229-43D7-AA15-73CFA1A43EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2670:*:*:*:*:*:*:*",
"matchCriteriaId": "EF268D83-C15D-4559-A46F-844E1D9264F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2670_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE97C0D-3EA1-4314-A74A-7845C7778FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2670_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "34293F29-F327-4ADD-BF62-78F63F79BB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2680:*:*:*:*:*:*:*",
"matchCriteriaId": "528C0A46-1CC4-4882-985A-0BB41525BC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2680_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "643F3522-A452-4927-944D-532574EC4243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2680_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "58F40B78-4DBA-44EE-8420-086789EFF53D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2680_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "423BFD8F-4B50-43DA-9979-75FD18FBC953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2683_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "8BAD4A68-0481-476F-BBBD-3D515331368C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2683_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "838CEB7C-7C4C-416C-86CE-6E8DD47EF25B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2687w:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7D021F-3C97-45B3-B1F7-0AC26959F22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2687w_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4A31AEF3-448D-417B-9589-4BA0A06F2FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2687w_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A1D96F-7FFD-413F-ABCE-4530C3D63040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2687w_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB2B08B-D3C7-4B82-B170-471D6CDEFAE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2690:*:*:*:*:*:*:*",
"matchCriteriaId": "4B8343FE-1320-40AE-A37F-70EF1A4AC4B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2690_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD42BA5A-7DA0-409D-8685-E43CF9B61D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2690_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5FF80E9-CF28-4EF6-9CFE-4B500A434674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2690_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "7896A6C6-5918-4C27-85AF-6FEEFC7F8FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2695_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "647B77A4-2F49-4989-AF43-961D69037370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2695_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "805B1E33-F279-4303-9DF3-C81039A40C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2695_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "B971EA9E-AE5C-4A1D-AD55-8241F7B38C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2697_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7E0AAE-6539-4024-9055-BE0BAD702143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2697_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1A8828-0765-4799-AD6C-143F45FAAD23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2697_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "12D34618-1CCA-405B-A49C-EB384A09C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2697a_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "575D6061-66BC-4862-BC84-ECD82D436E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2698_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "56B6EE64-1AD4-46B2-BA65-BB6282E56EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2698_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "11650B45-0BDA-42BF-AEF3-83B48DD6A71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2699_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3C92BA-827B-48AF-BBB3-FB60A9053C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2699_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC097E24-F6C9-40D9-95E9-7EFDFA61AFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2699a_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB44CA7-DFE6-4B1A-9A63-97AE30017E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2699r_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "4B305EFA-6226-412C-90EE-F0691F2DDDE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4603:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3874FA-63CB-4B5D-8B64-CE920320A4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4603_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "0800ED17-50E4-43F3-B46C-591DFA818BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4607:*:*:*:*:*:*:*",
"matchCriteriaId": "A46B0405-F301-4209-8766-6E12EAFAD157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4607_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "F99F9F1F-A967-4884-96CF-4488102DC0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4610:*:*:*:*:*:*:*",
"matchCriteriaId": "DA9B37AD-4599-425B-B39F-E571F4975266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4610_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A5F1CF-A1E6-45F1-8B09-36566778DB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4610_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "698C8A49-888B-4675-B3B0-25EDE2FD515E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4610_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "70D98F97-8EF4-48B5-84BE-C3CC27031FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4617:*:*:*:*:*:*:*",
"matchCriteriaId": "B473D1FA-909B-492E-9C5B-94B0E20E1C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4620:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5EA7E-322E-4CE6-89D4-7DB1055C9034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4620_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "67836379-4E1A-45CD-9506-7D3F612E47C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4620_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1BBC61-8664-4452-93A7-DDB4D2E4C802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4620_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F1B50C-FC5F-47F4-87BC-60E1BD3DD1F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4624l_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "044F0375-DF2F-4D9B-AD7E-473D34165E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4627_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEE9B72-5C4C-40C0-A8A7-9DF11655DA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4627_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0655CA-A88C-4632-9A18-560E3F63B2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4627_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1454DD-DA51-4CBC-8BB2-09D5AB5777DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4628l_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C6965851-3B29-4C21-9556-97FD731EAA85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4640:*:*:*:*:*:*:*",
"matchCriteriaId": "52984FD2-44E0-4E91-B290-0376737EEF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4640_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5D92E2-E718-4247-BA5D-DFE86C0F6AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4640_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF933366-7503-4F8D-B7AA-F6A16210EC37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4640_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2DAF5D-5BB7-49C6-8426-8B547505B6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4648_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "3EABB21D-D021-434B-B147-CAF687097A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650:*:*:*:*:*:*:*",
"matchCriteriaId": "7609424D-95F1-4493-A20C-B1BA4EC6439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "966DC636-C802-4D9F-8162-652AFB931203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "A75794EB-A5AF-43F0-985F-D9E36F04C6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "31C2CFF0-98FD-4A0D-8949-D554B2FE53D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650l:*:*:*:*:*:*:*",
"matchCriteriaId": "05F9217F-5028-4659-AA8E-F60548DE4D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4655_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC769DC-CF2E-4A3C-A610-264F024E6279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4655_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "9B2B1CBF-D155-49BC-81A4-4172F177A5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4657l_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "370B2B32-519E-4373-8A04-5C5025D688BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4660_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "83D9B562-C279-4A55-A347-F28FC4F9CD12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4660_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8C2BA0-48A8-4107-8681-A7C34C553D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4667_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B009DE-A82F-4569-9B42-EC1EC4DA8A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4667_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "683B6E83-37FF-4F9B-915F-059EBB29DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4669_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "E218718F-4BE6-48B0-A204-9DD4A932A654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4669_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0AB327-B60A-473C-9D36-97766EE62D7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1428l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA249EE-4786-4E27-8787-5E8B88C2AEB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1428l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBD0529-1CF3-44E5-85B3-19A3323C9493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1428l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D664EE97-07EC-410F-94C3-AEAB2C6A627D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D31DB981-03B1-4A84-8D87-CD407C3C149F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1620_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CBD155D-89D9-4677-A621-4D7613BE65C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1620_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D02BD0D4-FFFD-4355-97D8-170362F10B9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1620_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6635781A-2651-4EF2-A5AC-AEEEE63FDE6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1630_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DCE6930-760A-48C0-B964-1E3ED6A8517C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1630_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E52DE90-DF96-4CE7-B8D1-226BA50E4D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EB40E7-9B91-4106-B303-2B70AF395BFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1650_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB0D5CD-8AF3-409D-96A7-718641D4B90D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1650_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E420B0B-0CD5-41C7-B25A-3DB856055F9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1650_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B0C295B-0D63-4BE7-830D-D927E00C301C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "605C340D-2220-4669-B827-9009CB099E8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1660_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8791879D-2908-4F57-8DB3-6D24100A9108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1660_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBEDBBA-0427-4DE0-BA8D-737DE7DF80E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1660_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E823DC5B-98BE-4656-BFBF-3A7018F8F213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1680_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64E8D558-ADE0-4358-9C76-7BD77BF23AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1680_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7973B3D0-F244-4E26-88F5-A2D9BF2E4503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2403:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68E6BAB9-CBA4-4362-BC82-00D2C5CC6FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2403_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD3F4BFF-3CBE-4E4B-8B29-B203F99CFD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2407:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F5CB567-4F86-4466-BE4D-BFF557ACAE0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2407_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A52611B-6583-4660-90D7-C9472728072B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2408l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E80C6E89-B57C-47BB-8B95-50C03DFB3B96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2418l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9AB685B-FEE1-41EF-A046-1B34619E12A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2418l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F6724-967A-4AF0-9896-12BF6164B2CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2418l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1116BF-12D7-47CC-98DB-18B200CF9C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBB28DE-726B-4AF0-88A5-35987E1E648B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2420_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA1DB22-8FBF-4CF6-AA96-5B68EE28877D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2428l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1880E2B8-5E0E-4603-8D17-3ABA43D28179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2428l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FAFBB92-1917-4238-832B-195FBE418271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2428l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DFDF3F-9A3F-42B8-99A1-A3F76B198358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8778F972-BF34-482F-9FA7-71A77F6138E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2430_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F288BB0-FE7A-4900-B227-BE80E4F4AADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2430l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8DC53A-90C6-47FE-89F1-A1FE8B1C07A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2430l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57E16338-A094-4CA9-B77F-6FE42D3B422C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2438l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E07AB33-5351-487D-9602-495489C7C0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22115ED6-1707-4840-B0D1-AD36BC0C75A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2440_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C633BC-831F-4CB7-9D62-16693444B216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2448l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF5EE7E-F41B-44EC-9F69-7963B1BF1FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2448l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD501E1-E78F-44C6-8A13-C29337B07EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9085BA0B-B7E2-4908-90C0-B4183891C718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2450_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2267CB8-0EE9-4DBD-AD5F-8A13BB62673C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81971C2F-137A-4F11-8C93-3B99D4CD1B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2450l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98E0BDAC-398E-406B-B2DB-AE049D6E98B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB66D7E-B465-4A8B-8CBD-7E93CCA2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2470_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86AFDE6C-DE58-4C4D-882E-474EF6C3D934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2603:-:*:*:*:*:*:*:*",
"matchCriteriaId": "950C6BF9-AA47-4287-AC01-D183237490FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2603_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2355181D-D8EE-4F80-8280-13D5CBCF4779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2603_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5209343F-66B0-4DC0-9111-E2E64CFF7409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2603_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "720109A6-B79E-48E1-9AE7-7708B154788E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2608l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82FF0DBD-AE13-4232-80F7-F4C2E2CC9721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2608l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E944ED-8C02-46B8-BF95-0CE4C352753B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2609:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77AEA3D1-4846-46E2-9B80-20B19F00DC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2609_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1576978F-E93D-4A47-90B6-6A4E3A7DE558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2609_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D339FE5-001F-4005-88A5-CFFE37F9B63E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2609_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BDABA86-497E-497E-A5BA-46F913A4840A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2618l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD886F4C-DB6F-4DDD-9807-8BCBB625C226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2618l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E16912A-7F6A-4A2B-B70F-D1FCD34BC7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2618l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C454B7-E5F4-4AAE-B577-FD71FA002C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38BE2781-3A06-4D62-AC8B-68B721DA526B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2620_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9AE4EA5-B8C8-4AE2-9614-F9DBDB4D79DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2620_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA23772-2EB8-4BEE-8703-26D967EC4503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2620_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72DC766A-B1F9-4B83-9F9B-CF603EE476BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2623_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA594740-43C5-4F42-BA5B-00CA8AE7BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2623_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572B16E2-8118-43A0-9A80-5D96831D55FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2628l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FB5C551-BADC-4A3A-93E5-2EBCA0704C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2628l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5383B7A3-1569-4FEB-B299-B87CE8C8A87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2628l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05BBDE0-6C47-4489-9455-7DA7D230ECA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1789AA69-EA31-44D1-82E6-228E48E18586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A7D5FF-3B1F-4C64-BB81-7A349765520D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D93A92E9-C8D2-4F6E-A5CA-E8AFFEEC7E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F0498B3-393A-4C32-B338-E6014B956755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C451F752-6869-4AFA-BAE5-5C9A54427BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83710FD1-099B-436D-9640-061D515E10BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "517B71CE-6156-40E1-B068-A2B733E205E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11DEEEE5-5055-4CE1-962C-C5F075F4CC02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2637:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8718DDAB-3208-48CF-9BCE-54DA1257C16A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2637_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1AA901-E822-4240-9D82-C9311E4F87B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2637_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDE3DF-8E79-4997-94EB-B517FFCAE55C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2637_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A0DE13-EB0B-493B-BC84-3AEB3D454776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1727697B-1F59-4E29-B036-C32E9076C523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2640_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E69E827C-C0D0-46C7-913A-1C1E02CEAACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2640_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2528F3F9-34DC-41DA-8926-382CB3EF5560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2640_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E452C262-5A8D-4D97-BC7F-A4F5FF53A659",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2643:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57BF69-D750-4278-98AA-976B0D28E347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2643_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ADAE30-6CAD-4F5B-B6F7-C18953144C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2643_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A25D792-E21D-43EE-8B9D-67DE066DE5DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2643_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C669783-C058-4B4F-BB9A-84B2C4682247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2648l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "159B088B-9A85-4CAA-854A-AA080E528F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2648l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE74A94-FE8F-4749-A35A-AB7D57E24913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2648l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "990AC341-0E67-4A81-87E9-EE3EFD9E847E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2648l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53BC18B0-58F1-4477-9978-CA7383C197FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "474992FB-842D-4661-A565-44AF2CD78693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "476E1B79-5342-4895-96D7-E97DFC1F5334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD318D5-89A6-4E28-939C-C5B61396806B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "981AD3FF-1D14-4ECD-8B6F-BCEB7F2409AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A32C7E89-32ED-4328-9313-FA7D3DDBDC58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2792EED8-2CBD-478E-BC09-05FE830B3147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97B1AF2F-6E48-4DBD-A60E-3088CA4C3771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2803:*:*:*:*:*:*:*",
"matchCriteriaId": "34E1691D-65B3-45E4-A544-8B29E38D569D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2820:*:*:*:*:*:*:*",
"matchCriteriaId": "E42F2703-B8AB-410E-AF7B-CD0BE777F061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2830:*:*:*:*:*:*:*",
"matchCriteriaId": "31244C94-00A3-499C-A91A-1BEF2FB0E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2850:*:*:*:*:*:*:*",
"matchCriteriaId": "878FF6E8-8A6D-44CE-9DD1-2C912AB8A193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2850_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "5078A95B-2BD8-4A37-A356-F53D1A53CB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2860:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFE67CD-DE53-4C4E-8245-35902AEFA6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2870:*:*:*:*:*:*:*",
"matchCriteriaId": "9F231D31-3AAD-4C5D-A225-D2DF94486718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2870_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "5998DF5D-E785-45EC-B8D0-1F4EC4F96D50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2880_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "EADFD013-0BFB-427C-98E6-F9E4774DCBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2890_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "58620B10-FEA6-456D-B6B5-2745F5DBE82D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4807:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F698B1-D9CF-4FE5-933D-EFCEA3056E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4809_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4858A1F0-97F2-4258-AB98-027BF1EC5117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4809_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C961A8B-EAFD-4F66-9432-BCC0D154ECCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4809_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "052DE6CD-A1E7-4E81-B476-66EF451061C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4820:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1AE1E-6FC0-41D8-857C-C5A99CAF5823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4820_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "751B3AC8-D45E-46B6-83D5-311B693F3C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4820_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "9588277A-0B97-4408-9CF7-11271CDAADD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4820_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "479FE854-85E5-4ED0-BFAF-2618C9053082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4830:*:*:*:*:*:*:*",
"matchCriteriaId": "E048B9BF-77C8-49F7-9F2D-9999F79BA264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4830_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CD16D4D-E816-486D-96F4-5A2BF75B959F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4830_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "169C558E-1A83-47D5-A66B-035BD1DD56FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4830_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D683E509-3FB2-4175-BCAB-4EB1B5C04958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4850:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCFA915-5445-4732-9F8F-D7561BA4177F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4850_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "63A9FD98-C22D-48F6-87A1-60791C818A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4850_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "85F99F24-1783-4E6E-BE61-04C2E80356ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4850_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "74CC7EB9-3F59-4C0A-B3A1-984BCCFB25BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4860:*:*:*:*:*:*:*",
"matchCriteriaId": "85289E4C-C813-4677-867D-EE8E98F4A1A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4860_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "27C8150F-BEFA-406D-9F0D-E7CB187E26AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4870:*:*:*:*:*:*:*",
"matchCriteriaId": "1E807F90-819F-4103-B1F7-4CE46971BD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4870_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD93203F-71B9-4F87-B5D8-FD273451C8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4880_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1E652C74-C48D-4F29-9E85-09325632443F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4890_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "99158191-3013-4182-8A53-5DFCA1E2C60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8830:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E39A3E-7EAE-47C9-930B-58A980B73FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8837:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDA54BA-C00D-4890-9B7F-328257607B21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8850:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5EFB1E-334C-4B55-8E2E-6AE19B34774D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8850_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8260DCA-2F0C-45F7-B35F-D489AF5639F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8857_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "7778F81B-6D05-4666-B1D4-53DB0EC16858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8860:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC6706A-61F7-4AA0-B2FF-0FFDF739A644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8860_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF1B16B-02F2-4ECA-938E-B5CDCFC67816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8860_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5501D8-1B0D-4F5A-AFD7-C63181D3281F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8867_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1751F0CE-A0D3-40E2-8EEC-D31141FE33A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8867_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF9AFA7-BBE8-4229-94CB-5A9596728BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8867l:*:*:*:*:*:*:*",
"matchCriteriaId": "E23A777F-68A4-4217-A75A-4D8A27E6451A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8870:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA27DFB-CDD1-4F52-86B3-DB2320A9C7B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8870_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "392A4337-11F6-4980-A138-4FDBCAD0EBA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8870_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E9BB67-F1FF-4190-889F-78B965CCE934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8870_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4185A70-5D10-448E-A9AB-AA9D5CDF0FF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "35607317-0928-4297-A33E-D44BEE1BBEC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "D48323B1-7FEB-451F-A064-23E7CE7F6403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "29EF4E8A-EF37-4DCC-B5D4-DA89AF31DD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880l_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "F5763189-7980-4A72-92C9-1908FE9E15EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880l_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C53ACD49-DA21-4DDE-A0AA-FCCD59D29886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8890_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4326D350-EBC2-48E6-A2C6-0499F6826CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8890_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "8594E6FE-B6DB-4343-B3DD-AEC19923DAF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8890_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BCADA00-E453-414D-9933-FCB43D21BBC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8891_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62212D9-F707-4A8E-AB2A-A3985E7A4049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8891_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "561755A8-8AAD-4F41-8266-747EFDAF2D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8891_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F4BB0F-DAF4-479B-B78A-7929C151AA1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8893_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "A207312E-1D35-4464-A111-22C4C793E146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8893_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B16E32-07D5-445B-BAA5-4E4A0881BFC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8893_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF08F6B-2ECB-414C-82D7-C06085BF8B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8894_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "21032BE3-74D8-4C3F-B461-158F475B6853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9AC992-59B7-44EE-9FF3-567AC48938AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:85115:*:*:*:*:*:*:*",
"matchCriteriaId": "9DB6A2ED-D433-4A8E-8044-02571D0BBD92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:85118:*:*:*:*:*:*:*",
"matchCriteriaId": "4F819519-61B6-4ED0-8A23-509D6B26ACE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:85119t:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D81C40-4BD0-4D25-95B4-44BE2011F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:85120:*:*:*:*:*:*:*",
"matchCriteriaId": "85C3A39E-29D3-4C02-89A6-D5B3475EF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:85120t:*:*:*:*:*:*:*",
"matchCriteriaId": "C70340A2-71DC-4D4D-BA2E-2B2E9ACDBE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:85122:*:*:*:*:*:*:*",
"matchCriteriaId": "586DB792-9FF6-4253-9DAE-F3ACA3F1C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86126:*:*:*:*:*:*:*",
"matchCriteriaId": "330576E9-3A92-4E22-BBC0-94A12ACE1032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86126f:*:*:*:*:*:*:*",
"matchCriteriaId": "5C644430-A075-40E1-8E35-15B97D8E9078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86126t:*:*:*:*:*:*:*",
"matchCriteriaId": "BAC094AC-0A3A-43F3-823A-089235D04A7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86128:*:*:*:*:*:*:*",
"matchCriteriaId": "5835FB20-922D-4478-8E4B-A53CCEE46198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86130:*:*:*:*:*:*:*",
"matchCriteriaId": "667A34BF-8699-477D-B30A-CEF0A36FC81B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86130f:*:*:*:*:*:*:*",
"matchCriteriaId": "FE586938-ED60-40EA-8177-30267C7A3E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86130t:*:*:*:*:*:*:*",
"matchCriteriaId": "CF902C36-0708-4B93-9504-5EA7EEDD628F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86132:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BC5EBB-2F1A-45C4-A8A7-122FBE4CBC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86134:*:*:*:*:*:*:*",
"matchCriteriaId": "795F5800-8C06-426B-80AA-20F8E402ACAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86134m:*:*:*:*:*:*:*",
"matchCriteriaId": "173E49AF-95A9-4DAE-8C74-13CFCA8F0726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86136:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE96391-4F25-4505-B757-D1F15ABD9FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86138:*:*:*:*:*:*:*",
"matchCriteriaId": "D037E4BA-35B9-42CB-9DDE-BED3DF49B958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86138f:*:*:*:*:*:*:*",
"matchCriteriaId": "43288516-FA4D-4D8F-9E69-EA27115EB43B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86138t:*:*:*:*:*:*:*",
"matchCriteriaId": "13EF19E9-FE9A-4ED7-8D9E-848F10C088B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86140:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB72D0E-0E34-4EF3-98FB-52BE4A135D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86140m:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDE7F94-D938-40BA-A1F6-CE52D0B74ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86142:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E39247-337C-49D1-BF1B-504F2DA4EBA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86142f:*:*:*:*:*:*:*",
"matchCriteriaId": "A45FA7CB-6523-4042-8832-193D87102F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86142m:*:*:*:*:*:*:*",
"matchCriteriaId": "61E350A6-9EC7-4E14-9790-040F154CE15D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86144:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D70B4E-6B85-459C-AACA-59AB5CCC0B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86146:*:*:*:*:*:*:*",
"matchCriteriaId": "565EB5E9-3B86-4353-BFF6-3F5D27140B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86148:*:*:*:*:*:*:*",
"matchCriteriaId": "A32CBB5D-392A-4CD1-82D3-A97D822FADFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86148f:*:*:*:*:*:*:*",
"matchCriteriaId": "383E08FE-EE7A-4E41-9AAD-786779D4B5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86150:*:*:*:*:*:*:*",
"matchCriteriaId": "2D50C6D5-3452-4214-B3FF-9F8009D75C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86152:*:*:*:*:*:*:*",
"matchCriteriaId": "A93954C6-9B01-4CEB-8925-5D3F415AFC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:86154:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7D54E5-6EDE-44DE-AEA6-F7F76E3EC36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB2949C-4699-49EF-83EB-31199E0CE2DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*",
"matchCriteriaId": "66C169DC-EEFE-4DE6-A3D0-65B606527240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*",
"matchCriteriaId": "FD28227A-8888-43B2-BC41-8D54B49DA58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*",
"matchCriteriaId": "7984BAEA-4518-4E17-830E-B34D09648BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2214E5-491E-448F-A4B6-A497FB44D722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE93013-C262-46A5-8E77-D647881EE632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*",
"matchCriteriaId": "85B53CEC-943F-4966-8EC1-CB2C6AD6A15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAC04A3-EBE3-406B-B784-A3547162ECE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*",
"matchCriteriaId": "15720FFE-B2A4-4347-BCD7-DFA6774C0B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*",
"matchCriteriaId": "50F46B0E-C746-44B4-B343-E3DCAB4B98DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE30903-4F75-4D71-A8BB-44D1099E9837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*",
"matchCriteriaId": "98311EAA-26C8-4092-8BE5-4E7BEAA68DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8CF348-811C-4342-ACB9-AFCABCC34331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*",
"matchCriteriaId": "71998EC5-EC0F-496C-B658-3CD91D824944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F19B2A-E7A1-4B97-AC40-02B0D3673555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6387C9-C0A8-4B26-BC62-802775CD0AD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*",
"matchCriteriaId": "EFEB0164-77C2-4EC2-92FD-5FCE246119CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB20210-337C-4220-8CA1-F4B2BC54EBC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*",
"matchCriteriaId": "F699569F-4F52-4CC0-90D9-CC4CBC32428A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*",
"matchCriteriaId": "CBAED22B-D097-49C4-ADDF-4B3F3E1262D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF5C3C2-EE69-4DE7-A76C-C797192EE7A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*",
"matchCriteriaId": "7756B588-5A63-4508-8BDD-92DB8CB0F4AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*",
"matchCriteriaId": "316E26AE-67A5-4E75-8F9B-ECF4A03AED51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a:15:*:*:*:*:*:*:*",
"matchCriteriaId": "001AB619-157E-40B4-B86C-5DB18245D62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:arm:cortex-a:57:*:*:*:*:*:*:*",
"matchCriteriaId": "38D51E27-28A3-47A1-9C36-1A223858E352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:arm:cortex-a:72:*:*:*:*:*:*:*",
"matchCriteriaId": "365DF3EF-E7D1-41FC-8382-D3B095542D59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB0FFE3-4BE1-4024-BCC6-1B87074DE2E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4AC996-B340-4A14-86F7-FF83B4D5EC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*",
"matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_manager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E938A8EB-68FE-427B-B67E-C880FBF54BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA1A18F-D997-4121-A01B-FD9B3BF266CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "967EC28A-607F-48F4-AD64-5E3041C768F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3EFED2-F6BC-46D9-AB22-D5ED87EF4549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:itc1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC8E8CF-2507-49DE-BF54-CCF16A2861F5",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:itc1500:3:*:*:*:*:*:*:*",
"matchCriteriaId": "742BCB01-8856-4F6F-86B6-A1DB878C3062",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:itc1500_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5178C320-CDB7-4180-951B-BFBCFAFB7FAA",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:itc1500_pro:3:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE4079D-C47A-4D57-9B37-947DE42F8A60",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:itc1900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1F645D-141D-4BCB-8F90-4A7BCC08988B",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:itc1900:3:*:*:*:*:*:*:*",
"matchCriteriaId": "B203F60B-0694-4B46-96CB-E8C5E4375E85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:itc1900_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F702CAFB-3ED9-4185-9781-1DAA8A0B01DD",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:itc1900_pro:3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C231846-D2BC-428F-AADE-A7E09DB3A547",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:itc2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA817DF-52C1-4FCC-A661-F81D923A18EF",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:itc2200:3:*:*:*:*:*:*:*",
"matchCriteriaId": "D00016F2-3E88-4F57-AD2B-378153E73956",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:itc2200_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B30A4009-B0DD-492E-AEC1-985261707AC3",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:itc2200_pro:3:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ED0315-9898-4110-96AB-5C198357ED83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:local_service_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E49B728-E8DE-4B23-9564-7BFDED6F299E",
"versionEndIncluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8C192B-8044-4BF9-9F1F-57371FC0E8FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_ape_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48B6FA71-3077-4202-A9A1-CBDF9AE2521E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_ape:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4F2A68-3715-4F86-BEEC-8C4D4341B100",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_et_200_sp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B42251AC-8FED-4BDE-93B3-5203F32D6313",
"versionEndExcluding": "2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_et_200_sp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A661231-49DF-477F-954A-702839A9266B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_field_pg_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CAD5D20-80DB-4A09-AFBA-BCA594DE3B93",
"versionEndExcluding": "18.01.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_field_pg_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADAD919-32C1-49D2-A419-C9A803DB6250",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "503E551C-FC5F-4ABC-8DEA-E360701F0B33",
"versionEndExcluding": "22.01.06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "506DEE00-30D2-4E29-9645-757EB8778C0F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc3000_smart_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "664FC58B-33E9-43E4-A87E-5C78F935C332",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc3000_smart:2:*:*:*:*:*:*:*",
"matchCriteriaId": "4809A582-BC22-41A0-815A-32CF2BA197F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc347e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45509778-898E-45DF-B14E-68B6C456B9B6",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc347e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49D276DE-950F-4A61-BA13-DD5D07A17571",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc427c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AB7B8D-D6FB-43A0-865D-58D4CDF96C06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc427c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA7336B-85CA-4A15-B7A6-D20B67041CCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc427d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA3B550-EB8B-4EBB-A1F0-14152A6791DD",
"versionEndExcluding": "17.0x.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc427d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46CC8AFE-ED6C-4A50-AC80-D2309E03FAE4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33F546AF-8F80-4E0A-9B92-86E3A1F931C0",
"versionEndExcluding": "21.01.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A40D0CDB-7BE6-491F-B730-3B4E10CA159A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc477c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D55FC2D5-DCF6-4A24-873F-D0CF80DB3921",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc477c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E4335E3-D2BB-4465-BBC8-611C7F85BEF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc477d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "435F7F3C-7483-4101-BC0A-E1E2BB66D6C1",
"versionEndExcluding": "17.0x.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc477d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "754A6744-5194-4A99-BD3B-944A8707C80F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6E6B-16A0-4236-AABE-82385B53EC78",
"versionEndExcluding": "21.01.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF9D4C3-1892-48FA-95B4-835B636A4005",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224D0968-6414-41F7-8929-C69D524A416F",
"versionEndExcluding": "21.01.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC5CE20-7D08-4496-A857-C3A4BD0AB1AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D476D093-4A97-499C-B40D-7A301BC9AA2E",
"versionEndExcluding": "r1.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc547e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9DD4A97-1648-4C7F-A5A0-6899BD13A617",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "940CCA5A-EC4A-4D46-B56C-4FC3698707E0",
"versionEndExcluding": "r1.23.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB339B5-602F-4AB5-9998-465FDC6ABD6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc627c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "203B30DB-52C6-48ED-8A94-76F775DA1198",
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc627c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1A57A9-F6E5-4672-BD22-09EF5522CA10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "790D244A-AC3D-4BBC-9139-A90048FD375A",
"versionEndExcluding": "19.02.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "509AD120-3465-4C00-AAB3-B6F6ED708B51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc647c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05466B50-76ED-41E7-87DC-96CA95AAC6A2",
"versionEndExcluding": "15.01.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc647c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E752006C-6D94-4B14-B3A5-C9BB94141BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C046182-BB33-41D0-B041-1566B8041917",
"versionEndExcluding": "19.01.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EF28FB-BAB3-4710-9D25-25F67ACADC60",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE74300-E061-452E-AD1D-6DD7C2C62729",
"versionEndExcluding": "19.02.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "057D9947-CE4A-4B4C-B721-4B29FB71350C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc677c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F232B7B4-D633-47ED-B435-6EB6530019F4",
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc677c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E74F55B7-DE3D-4D74-A7E7-9BCB8F7B114A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc827c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0D4DB3-FBA2-4868-8A38-5D81E622C709",
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc827c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FFD2D72-5464-4B86-BACB-61F55A081C3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4A7C13-6F81-4629-9C28-9202028634AE",
"versionEndExcluding": "19.02.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D87239-40C1-4038-B734-D77AC4DDD571",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc847c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8014E0E5-F880-4886-8294-7EC971D5BBF9",
"versionEndExcluding": "15.01.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc847c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "687E1212-EC5A-47BA-ACAB-74F6C98B7C34",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93485235-481B-4BAF-BB7A-81BB5AA1BC53",
"versionEndExcluding": "19.01.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F37D88-E086-4060-8420-BD0F8D8FF580",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD949046-46E5-48C9-883B-92F04926E8BC",
"versionEndExcluding": "23.01.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "187C6D51-5B86-484D-AE0F-26D1C9465580",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F81F41D-480F-4443-927E-00607DD40BF5",
"versionEndExcluding": "2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simotion_p320-4e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8102F17-F6DA-4EE9-B533-EA806D9E7F7E",
"versionEndExcluding": "17.0x.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simotion_p320-4e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE09494-625A-4FF7-8B3E-6510FF9AFC9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinumerik_840_d_sl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8095A5-3677-4024-9437-C46DA382C280",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinumerik_840_d_sl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9565FE15-A705-4D0A-BFA3-30871FDCF9DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinumerik_pcu_50.5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E16526D-CCA8-45B2-829E-4562A7440356",
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinumerik_pcu_50.5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9220E9B5-5A0E-4F90-9A2C-B4692E937DBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinumerik_tcu_30.3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE42ABA9-E5D8-4589-B111-AE191747E03D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinumerik_tcu_30.3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E53E94C-0F57-4A71-B919-C34984A5ADB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinema_remote_connect_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2051E518-7CCD-4B49-9705-BDDC37177BE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF739F2D-744A-44CE-8DA7-F89A14239943",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mitel:micloud_management_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "417953F8-F722-4CD0-BC59-1192A4533505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:micollab:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61E87F32-4157-42A3-A758-36AA2A4D7AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoic_mx-one:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEABF0C-99D9-415D-B8CB-B632C644664E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoice_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "150C225A-C4A0-4CC7-91AA-8F341D8152F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoice_border_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "762B1578-25AD-4ACC-A1AE-C325155F49F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoice_business:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E561C59C-9E46-4FE1-8DA7-5E524FB9D87E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoice_connect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1077221-796B-44E7-A278-579F41BA5DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:open_integration_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6F3481-E5DF-452A-AE3C-1ED648B54234",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:cloud_global_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD39AA6-8D0B-405C-8A69-9264C82BCDAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:email_security:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD00A81-9A08-4C24-B720-BC7C99DCF19B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2008DF4A-1AC8-4CC0-8649-823B3B6BD329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:secure_mobile_access:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD3D92A-D07F-4087-81AF-0FA78E290DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:web_application_firewall:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0220EB54-D74B-451C-8FA6-D71BF39B578F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:sonicosv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED1C215-1656-4113-B571-9479FDEB9ACF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:jetson_tx1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D05993AD-FABF-49A6-B3F5-6DF1B0835321",
"versionEndExcluding": "r28.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:jetson_tx2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1455BBEB-871A-41FE-A4BD-6DC583777252",
"versionEndExcluding": "r28.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:surface:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC248D3F-1D6D-48FC-94BA-3C24A182D172",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:microsoft:surface_book:-:*:*:*:*:*:*:*",
"matchCriteriaId": "987ECFC7-D504-488D-B977-FEC182819567",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:microsoft:surface_book:2:*:*:*:*:*:*:*",
"matchCriteriaId": "F75F0910-3EED-4365-B03E-B3295A762656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:microsoft:surface_pro:3:*:*:*:*:*:*:*",
"matchCriteriaId": "12C0B9FE-09FD-4991-BE14-499FFC728EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:microsoft:surface_pro:4:*:*:*:*:*:*:*",
"matchCriteriaId": "7585B88F-58FA-4DF2-AA99-185731253A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:microsoft:surface_pro:1796:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7F77C-F02B-4EAF-8836-C97ACB5AFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:microsoft:surface_pro_with_lte_advanced:1807:*:*:*:*:*:*:*",
"matchCriteriaId": "A98AB09C-24D8-4B58-9F4A-EF6B42EB27C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:microsoft:surface_studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF4194A-8194-4727-8C10-4F44D5041011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "66CAFDB7-9D41-4E67-AB83-5EB104551FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4."
},
{
"lang": "es",
"value": "Los sistemas con microprocesadores que emplean la ejecuci\u00f3n especulativa y que realizan la ejecuci\u00f3n especulativa de lecturas de memoria antes de que se conozcan las direcciones de todas las anteriores escrituras de memoria podr\u00edan permitir la divulgaci\u00f3n no autorizada de informaci\u00f3n a un atacante con acceso de usuario local mediante un an\u00e1lisis de canal lateral. Esto tambi\u00e9n se conoce como Speculative Store Bypass (SSB), Variant 4."
}
],
"id": "CVE-2018-3639",
"lastModified": "2024-11-21T04:05:48.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-22T12:29:00.250",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
},
{
"source": "secure@intel.com",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
},
{
"source": "secure@intel.com",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104232"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040949"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1042004"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-263.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1629"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1630"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1632"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1633"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1635"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1636"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1637"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1638"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1639"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1640"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1641"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1642"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1643"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1644"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1645"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1646"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1647"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1648"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1649"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1650"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1651"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1652"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1653"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1654"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1655"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1656"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1657"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1658"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1659"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1660"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1661"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1662"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1663"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1664"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1665"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1666"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1667"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1668"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1669"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1674"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1675"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1676"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1686"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1688"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1689"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1690"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1696"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1710"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1711"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1737"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1738"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1826"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1965"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1967"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1997"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2001"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2003"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2006"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2060"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2161"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2162"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2171"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2172"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2216"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2228"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2246"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2250"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2258"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2289"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2309"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2328"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2363"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2364"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3396"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3397"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3398"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3399"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3400"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3401"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3402"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3407"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3423"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3424"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3425"
},
{
"source": "secure@intel.com",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0148"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1046"
},
{
"source": "secure@intel.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
},
{
"source": "secure@intel.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX235225"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3651-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3652-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3653-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3653-2/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3679-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3680-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4210"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4273"
},
{
"source": "secure@intel.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44695/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_23"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1042004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-263.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1650"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1686"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3400"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX235225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3651-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3652-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3653-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3653-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3679-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3680-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44695/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-02-17 15:59
Modified
2024-11-21 02:48
Severity ?
Summary
The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securitytracker.com/id/1035015 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-16-163 | Third Party Advisory | |
| cve@mitre.org | https://support.software.dell.com/product-notification/185943 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035015 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-16-163 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.software.dell.com/product-notification/185943 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | uma_em5000_firmware | 7.2 | |
| sonicwall | uma_em5000_firmware | 8.0 | |
| sonicwall | uma_em5000_firmware | 8.1 | |
| sonicwall | uma_em5000 | - | |
| sonicwall | analyzer | 7.2 | |
| sonicwall | analyzer | 8.0 | |
| sonicwall | analyzer | 8.1 | |
| sonicwall | global_management_system | 7.2 | |
| sonicwall | global_management_system | 8.0 | |
| sonicwall | global_management_system | 8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:uma_em5000_firmware:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94D32881-3205-40C9-9099-D517DDD0E85F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:uma_em5000_firmware:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC08F8A-B838-4878-A599-8FBD69EAF28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:uma_em5000_firmware:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34AECE24-76B8-4EEB-9018-F3C35FEE6A00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:uma_em5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23315AEF-29C1-4A58-A933-2A4305123D7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05DC3043-D6B1-4863-AE06-FAC32F94091B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "59AE4366-0EF5-4DD9-B533-1101AB06FC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B30D6D7E-63DA-49F9-A904-FAC2C40B4B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C91AE401-839F-4B95-AC84-12D003B0CF59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E119AFF9-BAB9-42BA-AF89-A0C59DC4D4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36989FC7-3390-455E-8F7E-E3C4EB29D812",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de cliserver en Dell SonicWALL GMS, Analyzer y UMA EM5000 7.2, 8.0 y 8.1 en versiones anteriores a Hotfix 168056 permite a atacantes remotos deserializar y ejecutar c\u00f3digo Java arbitrario a trav\u00e9s de datos XML manipulados."
}
],
"id": "CVE-2016-2397",
"lastModified": "2024-11-21T02:48:23.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-17T15:59:07.690",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.software.dell.com/product-notification/185943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-03 20:29
Modified
2024-11-21 04:15
Severity ?
Summary
A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| PSIRT@sonicwall.com | https://github.com/rapid7/metasploit-framework/pull/10305 | Exploit, Issue Tracking, Third Party Advisory | |
| PSIRT@sonicwall.com | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007 | Third Party Advisory | |
| PSIRT@sonicwall.com | https://twitter.com/ddouhine/status/1019251292202586112 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/rapid7/metasploit-framework/pull/10305 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://twitter.com/ddouhine/status/1019251292202586112 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | global_management_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C42C07A-7CB7-4B3B-94F0-01EE644B6833",
"versionEndIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance\u0027s, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la falta de validaci\u00f3n de par\u00e1metros proporcionados por el usuario pasados a llamadas XML-RPC en los dispositivos virtuales SonicWall Global Management System (GMS) permite que usuarios remotos ejecuten c\u00f3digo arbitrario. Esta vulnerabilidad afecta a GMS en versiones 8.1 y anteriores."
}
],
"id": "CVE-2018-9866",
"lastModified": "2024-11-21T04:15:50.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-03T20:29:00.343",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/10305"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/ddouhine/status/1019251292202586112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/10305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/ddouhine/status/1019251292202586112"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-26 21:29
Modified
2024-11-21 04:48
Severity ?
Summary
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 8.4 | |
| sonicwall | global_management_system | 8.6 | |
| sonicwall | global_management_system | 8.7 | |
| sonicwall | global_management_system | 9.0 | |
| sonicwall | global_management_system | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFFEBF80-7249-4CA6-A6C0-6F6329152FF8",
"versionEndIncluding": "8.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7682E7-0BD5-440C-ABA4-4054D093A57E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "431CAC0A-9915-4D07-A22D-4D674ACC7DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD3B183-8BA1-4021-882B-C06ED1C39D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8110BA2E-3C68-4C91-BD84-1E2E53AB31AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CCAD1F4-A32A-41FD-B3F6-418625A9179C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier."
},
{
"lang": "es",
"value": "Una vulnerabilidad en SonicWall Global Management System (GMS) permite a un atacante remoto obtener acceso empleando una clave SSH existente. Esta vulnerabilidad afecta las versiones de GMS 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 y anteriores."
}
],
"id": "CVE-2019-7476",
"lastModified": "2024-11-21T04:48:15.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-26T21:29:00.487",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0004"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-13 11:15
Modified
2024-11-21 05:45
Severity ?
Summary
SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | global_management_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application\u0027s binaries and configuration files."
},
{
"lang": "es",
"value": "SonicWall GMS es vulnerable a la manipulaci\u00f3n de rutas de archivos, lo que hace que un atacante no autenticado pueda acceder al directorio web que contiene los archivos binarios y de configuraci\u00f3n de la aplicaci\u00f3n"
}
],
"id": "CVE-2021-20030",
"lastModified": "2024-11-21T05:45:48.980",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-13T11:15:09.747",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0021"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 01:15
Modified
2024-11-21 08:06
Severity ?
Summary
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"id": "CVE-2023-34124",
"lastModified": "2024-11-21T08:06:35.847",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T01:15:08.723",
"references": [
{
"source": "PSIRT@sonicwall.com",
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-305"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 03:15
Modified
2024-11-21 08:06
Severity ?
Summary
SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"id": "CVE-2023-34137",
"lastModified": "2024-11-21T08:06:37.550",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T03:15:09.827",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-305"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 03:15
Modified
2024-11-21 08:06
Severity ?
Summary
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"id": "CVE-2023-34131",
"lastModified": "2024-11-21T08:06:36.777",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T03:15:09.470",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-20 18:59
Modified
2024-11-21 02:30
Severity ?
Summary
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | uma_em5000_firmware | * | |
| sonicwall | uma_em5000 | - | |
| sonicwall | analyzer | * | |
| sonicwall | global_management_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:uma_em5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A51CB7D8-08D9-4716-8D39-F33596DCFD18",
"versionEndIncluding": "7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:uma_em5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23315AEF-29C1-4A58-A933-2A4305123D7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB379556-F957-439C-8644-DFD96C9BBE8D",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8DADDE6-6E5A-4C12-8B37-C9A173B05481",
"versionEndIncluding": "7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n web GMS ViewPoint (GMSVP) en Dell Sonicwall GMS, Analyzer, y UMA EM5000 anterior a 7.2 SP4 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a trav\u00e9s de vectores relacionados con la configuraci\u00f3n."
}
],
"id": "CVE-2015-3990",
"lastModified": "2024-11-21T02:30:13.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-20T18:59:05.793",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"url": "http://www.securityfocus.com/bid/74756"
},
{
"source": "zdi-disclosures@trendmicro.com",
"url": "http://www.securitytracker.com/id/1032373"
},
{
"source": "zdi-disclosures@trendmicro.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"source": "zdi-disclosures@trendmicro.com",
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.software.dell.com/product-notification/152178"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-14 04:29
Modified
2024-11-21 04:09
Severity ?
Summary
SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analyzer | * | |
| sonicwall | analyzer | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3B63A0-27F2-48D2-B59D-529344EFDA22",
"versionEndIncluding": "7.2",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24DCFA6F-DA37-40D7-8F89-1196B8C100E0",
"versionEndIncluding": "8.4",
"versionStartIncluding": "8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77F25B0D-FBE2-41DC-8732-E54595E3741C",
"versionEndIncluding": "7.2",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F92C62C3-DB42-4E9C-B8CF-F90E7557A4F7",
"versionEndIncluding": "8.4",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module."
},
{
"lang": "es",
"value": "SonicWall Global Management System (GMS) 8.1 tiene XSS mediante los valores \"newName\" y \"Name\" del m\u00f3dulo \"/sgms/TreeControl\"."
}
],
"id": "CVE-2018-5691",
"lastModified": "2024-11-21T04:09:10.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-14T04:29:00.287",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0003"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.vulnerability-lab.com/get_content.php?id=1819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.vulnerability-lab.com/get_content.php?id=1819"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 03:15
Modified
2024-11-21 08:06
Severity ?
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"id": "CVE-2023-34133",
"lastModified": "2024-11-21T08:06:37.027",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T03:15:09.590",
"references": [
{
"source": "PSIRT@sonicwall.com",
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-11 16:15
Modified
2024-11-21 01:49
Severity ?
Summary
An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analyzer | 7.0 | |
| sonicwall | global_management_system | 4.1 | |
| sonicwall | global_management_system | 5.0 | |
| sonicwall | global_management_system | 5.1 | |
| sonicwall | global_management_system | 6.0 | |
| sonicwall | global_management_system | 7.0 | |
| sonicwall | universal_management_appliance | 5.1 | |
| sonicwall | universal_management_appliance | 6.0 | |
| sonicwall | universal_management_appliance | 7.0 | |
| sonicwall | viewpoint | 4.1 | |
| sonicwall | viewpoint | 5.0 | |
| sonicwall | viewpoint | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9ABA5C-59AF-496A-B22E-0C88892EC8FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3627733D-E0CD-4E00-8D36-AB4EF784977C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60563570-4865-4D8B-9E24-A371CABE1BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EFEF89-357C-4EC2-B6A3-C803E64A2227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE35F845-3A01-4974-BD7C-88CBE759830D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF95BB8-DF0B-4131-8A89-82DE559CC09B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:universal_management_appliance:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC115CB-0F22-47C8-86F3-9990058896FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:universal_management_appliance:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "160BD653-09A8-4939-9A5D-8EED7B5B4D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:universal_management_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "747153CA-2225-40A3-9C21-E9E62C24892B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:viewpoint:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE97B72B-31B2-4E2D-99EE-81A1C645CDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:viewpoint:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28C845AC-8B12-4147-A5D7-9D5E4C7953EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:viewpoint:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1589B409-1AF8-4789-90C3-6E1DFA14677E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Omisi\u00f3n de Autenticaci\u00f3n en DELL SonicWALL Global Management System (GMS) versiones 4.1, 5.0, 5.1, 6.0 y 7.0, Analyzer versi\u00f3n 7.0, Universal Management Appliance (UMA) versiones 5.1, 6.0 y 7.0 y ViewPoint versiones 4.1, 5.0 y 6.0, por medio de una petici\u00f3n dise\u00f1ada en la interfaz SGMS, que podr\u00eda permitir a un usuario malicioso remoto obtener acceso administrativo."
}
],
"id": "CVE-2013-1360",
"lastModified": "2024-11-21T01:49:25.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T16:15:12.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/24203"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57446"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028007"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81366"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/24203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1360"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 02:15
Modified
2024-11-21 08:06
Severity ?
Summary
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in SonicWall GMS and Analytics allows an authenticated remote attacker to traverse the directory and extract arbitrary files using Zip Slip method to any location on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability in SonicWall GMS and Analytics allows an authenticated remote attacker to traverse the directory and extract arbitrary files using Zip Slip method to any location on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"id": "CVE-2023-34129",
"lastModified": "2024-11-21T08:06:36.537",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T02:15:09.303",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 03:15
Modified
2024-11-21 08:06
Severity ?
Summary
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"id": "CVE-2023-34132",
"lastModified": "2024-11-21T08:06:36.900",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T03:15:09.533",
"references": [
{
"source": "PSIRT@sonicwall.com",
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-836"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-02-17 15:59
Modified
2024-11-21 02:48
Severity ?
Summary
The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analyzer | 7.2 | |
| sonicwall | analyzer | 8.0 | |
| sonicwall | analyzer | 8.1 | |
| sonicwall | global_management_system | 7.2 | |
| sonicwall | global_management_system | 8.0 | |
| sonicwall | global_management_system | 8.1 | |
| sonicwall | uma_em5000_firmware | 7.2 | |
| sonicwall | uma_em5000_firmware | 8.0 | |
| sonicwall | uma_em5000_firmware | 8.1 | |
| sonicwall | uma_em5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05DC3043-D6B1-4863-AE06-FAC32F94091B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "59AE4366-0EF5-4DD9-B533-1101AB06FC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B30D6D7E-63DA-49F9-A904-FAC2C40B4B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C91AE401-839F-4B95-AC84-12D003B0CF59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E119AFF9-BAB9-42BA-AF89-A0C59DC4D4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36989FC7-3390-455E-8F7E-E3C4EB29D812",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:uma_em5000_firmware:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94D32881-3205-40C9-9099-D517DDD0E85F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:uma_em5000_firmware:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC08F8A-B838-4878-A599-8FBD69EAF28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:uma_em5000_firmware:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34AECE24-76B8-4EEB-9018-F3C35FEE6A00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:uma_em5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23315AEF-29C1-4A58-A933-2A4305123D7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n web GMS ViewPoint (GMSVP) en Dell SonicWALL GMS, Analyzer y UMA EM5000 7.2, 8.0 y 8.1 en versiones anteriores a Hotfix 168056 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a trav\u00e9s de vectores relacionados con la entrada de configuraci\u00f3n."
}
],
"id": "CVE-2016-2396",
"lastModified": "2024-11-21T02:48:22.993",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-17T15:59:06.737",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"url": "http://www.securitytracker.com/id/1035015"
},
{
"source": "zdi-disclosures@trendmicro.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"source": "zdi-disclosures@trendmicro.com",
"url": "https://support.software.dell.com/product-notification/185943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 03:15
Modified
2024-11-21 08:06
Severity ?
Summary
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analytics | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BFA6B7-2070-4FCA-B27C-5ED1047B1101",
"versionEndIncluding": "2.5.0.4-r7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02CDB54F-B795-42B3-A406-22D7E4A03ACB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "2E8493ED-1A01-4FAA-9608-4481DDD0D69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89A96771-621F-4D0D-B667-0A99F5F76789",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"id": "CVE-2023-34134",
"lastModified": "2024-11-21T08:06:37.150",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T03:15:09.647",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-25 15:59
Modified
2024-11-21 02:19
Severity ?
Summary
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/71241 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-14-385/ | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/98911 | VDB Entry | |
| cve@mitre.org | https://support.software.dell.com/product-notification/136814 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/71241 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-14-385/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/98911 | VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.software.dell.com/product-notification/136814 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | analyzer | 7.2 | |
| sonicwall | global_management_system | 7.2 | |
| sonicwall | uma_em5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "45C372C6-BEFE-4839-87F6-ECA3E83554DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "BCBFA0E1-2897-42BB-87F3-19731E95C5DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:uma_em5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23315AEF-29C1-4A58-A933-2A4305123D7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n web ViewPoint en Dell SonicWALL Global Management System (GMS) anterior a 7.2 SP2, SonicWALL Analyzer anterior a 7.2 SP2, y SonicWALL UMA anterior a 7.2 SP2 permite a usuarios remotos autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-8420",
"lastModified": "2024-11-21T02:19:03.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-25T15:59:04.637",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71241"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-385/"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98911"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.software.dell.com/product-notification/136814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-385/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.software.dell.com/product-notification/136814"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-14 16:55
Modified
2024-11-21 02:01
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | global_management_system | 7.0 | |
| sonicwall | global_management_system | 7.1 | |
| sonicwall | global_management_system | 7.1 | |
| sonicwall | uma_e5000 | - | |
| sonicwall | analyzer | 7.0 | |
| sonicwall | analyzer | 7.1 | |
| sonicwall | analyzer | 7.1 | |
| sonicwall | global_management_system | 7.0 | |
| sonicwall | global_management_system | 7.1 | |
| sonicwall | global_management_system | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF95BB8-DF0B-4131-8A89-82DE559CC09B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF555F86-D3E0-4763-9E9A-C26D5C986FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "418595FE-EBFA-4B1D-A479-171BBD56279A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:uma_e5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F6C2F1-8C1A-4BAD-8F49-464258B09354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9ABA5C-59AF-496A-B22E-0C88892EC8FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8078DCDB-FC88-41C8-BE14-688B5F4911E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "19E54EA9-F9F8-47FA-9F31-C05C2AE59539",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF95BB8-DF0B-4131-8A89-82DE559CC09B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF555F86-D3E0-4763-9E9A-C26D5C986FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "418595FE-EBFA-4B1D-A479-171BBD56279A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en mainPage en Dell SonicWALL GMS anterior a 7.1 SP2, SonicWALL Analyzer anterior a 7.1 SP2 y SonicWALL UMA E5000 anterior a 7.1 SP2 podr\u00eda permitir a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s del par\u00e1metro node_id en una acci\u00f3n ScreenDisplayManager genNetwork."
}
],
"id": "CVE-2014-0332",
"lastModified": "2024-11-21T02:01:53.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-02-14T16:55:08.030",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/103216"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/727318"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65498"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XSS_Resolved_in_7.1_SP2_and_7.2.pdf"
},
{
"source": "cret@cert.org",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/103216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/727318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XSS_Resolved_in_7.1_SP2_and_7.2.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91062"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-31 00:15
Modified
2024-11-21 04:48
Severity ?
Summary
A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | global_management_system | 8.4 | |
| sonicwall | global_management_system | 8.5 | |
| sonicwall | global_management_system | 8.6 | |
| sonicwall | global_management_system | 8.7 | |
| sonicwall | global_management_system | 9.0 | |
| sonicwall | global_management_system | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7682E7-0BD5-440C-ABA4-4054D093A57E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "697FE8A0-619E-49AB-9B94-929DE1523781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "431CAC0A-9915-4D07-A22D-4D674ACC7DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD3B183-8BA1-4021-882B-C06ED1C39D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8110BA2E-3C68-4C91-BD84-1E2E53AB31AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CCAD1F4-A32A-41FD-B3F6-418625A9179C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1."
},
{
"lang": "es",
"value": "Una vulnerabilidad en GMS permite una inyecci\u00f3n de SQL a usuarios no autenticados en el m\u00f3dulo de servicio web. Esta vulnerabilidad afect\u00f3 a GMS versiones GMS 8.4, 8.5, 8.6, 8.7, 9.0 y 9.1."
}
],
"id": "CVE-2019-7478",
"lastModified": "2024-11-21T04:48:15.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-31T00:15:13.400",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0011"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-13 00:15
Modified
2024-11-21 08:06
Severity ?
Summary
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | * | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | global_management_system | 9.3.2 | |
| sonicwall | analytics | * | |
| sonicwall | analytics | 2.5.0.4-r7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:virtual_appliance:*:*:*",
"matchCriteriaId": "12CB3495-2949-4D79-98F9-2156B0296C94",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:windows:*:*:*",
"matchCriteriaId": "6215D18A-7254-453B-93BF-4FFD8417D0AB",
"versionEndExcluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:virtual_appliance:*:*:*",
"matchCriteriaId": "9F193D8D-EC75-49E4-9510-74534518A276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:-:*:*:windows:*:*:*",
"matchCriteriaId": "7D33D05B-F776-44C7-BE77-B0656C9449A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:virtual_appliance:*:*:*",
"matchCriteriaId": "C00FB351-6120-4C1B-B621-2D7C1ED13966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.3.2:sp1:*:*:windows:*:*:*",
"matchCriteriaId": "654B1441-A169-499C-B061-8E49535FC60D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3141B9EA-D34E-4F30-B4D8-413505FBEC53",
"versionEndExcluding": "2.5.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sonicwall:analytics:2.5.0.4-r7:*:*:*:*:*:*:*",
"matchCriteriaId": "8C05380F-06DD-40DE-B5F3-E6E2E188D229",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"id": "CVE-2023-34123",
"lastModified": "2024-11-21T08:06:35.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-13T00:15:24.387",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-321"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}