Search criteria
2327 vulnerabilities found for junos by juniper
FKIE_CVE-2025-21601
Vulnerability from fkie_nvd - Published: 2025-04-09 20:15 - Updated: 2025-08-11 15:03
Severity ?
Summary
An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an unauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive.
Continuous receipt of these packets will create a sustained Denial of Service (DoS) condition.
This issue affects Junos OS:
* All versions before 21.4R3-S9,
* from 22.2 before 22.2R3-S5,
* from 22.4 before 22.4R3-S4,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S3,
* from 24.2 before 24.2R1-S1, 24.2R2.
An indicator of compromise is to review the CPU % of the httpd process in the CLI:
e.g.
show system processes extensive | match httpd PID nobody 52 0 20M 191M select 2 0:01 80.00% httpd{httpd} <<<<< the percentage of httpd usage if high may be an indicator
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA96452 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F114437-8479-455F-93C6-2211A8C754A5",
"versionEndIncluding": "21.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C470FB4E-A927-4AF3-ACB0-AD1E264218B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "44E98BC3-1D43-481A-AB09-FFA502C36AAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "1A0DA88F-6C61-4FEA-ABF3-99F7DD43DB0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "25B4FC60-140D-49EF-8011-A5888D8493B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "BC449CC7-B2D6-41CB-8D6C-81DE89E79520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "05E47861-3311-45E2-A722-8CD7FFDC2DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "08E2562F-FB18-4347-8497-7D61B8157EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "A6FB32DF-D062-4FB9-8777-452978BEC7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "B3B6C811-5C10-4486-849D-5559B592350A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "175CCB13-76C0-44A4-A71D-41E22B92EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "166BFDB3-1945-4949-BC2B-E18442FF2E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "5923610F-878C-48CA-8B5D-9C609E4DD4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*",
"matchCriteriaId": "89524D6D-0B22-4952-AD8E-8072C5A05D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "AD69A194-1B03-44EA-8092-79BD10C6F729",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of\u00a0Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an\u00a0unauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive. \n\nContinuous receipt of these packets will create a sustained Denial of Service (DoS) condition.\n\n\n\n\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.4R3-S9,\n * from 22.2 before 22.2R3-S5,\n * from 22.4 before 22.4R3-S4,\n * from 23.2 before 23.2R2-S3,\n * from 23.4 before 23.4R2-S3,\n * from 24.2 before 24.2R1-S1, 24.2R2.\n\n\nAn indicator of compromise is to review the CPU % of the httpd process in the CLI:\ne.g.\n\u00a0\u00a0show system processes extensive | match httpd\u00a0 PID nobody \u00a0 \u00a0 \u00a0 52 \u00a0 0 \u00a0 20M\u00a0 \u00a0 191M select \u00a0 2 \u00a0 0:01 \u00a0 80.00% httpd{httpd} \u003c\u003c\u003c\u003c\u003c the percentage of httpd usage if high may be an indicator"
},
{
"lang": "es",
"value": "Una vulnerabilidad de seguimiento incorrecto de la especificaci\u00f3n por parte del llamador en la administraci\u00f3n web (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) de Juniper Networks Junos OS en SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series) permite que un atacante no autenticado basado en la red env\u00ede tr\u00e1fico genuino dirigido al dispositivo para hacer que la CPU aumente su capacidad hasta que el dispositivo deje de responder. La recepci\u00f3n continua de estos paquetes crear\u00e1 una condici\u00f3n sostenida de denegaci\u00f3n de servicio (DoS).\n\nEste problema afecta a Junos OS:\n * Todas las versiones anteriores a 21.4R3-S9,\n * desde 22.2 hasta 22.2R3-S5,\n * desde 22.4 hasta 22.4R3-S4,\n * desde 23.2 hasta 23.2R2-S3,\n * desde 23.4 hasta 23.4R2-S3,\n * desde 24.2 Antes de 24.2R1-S1, 24.2R2.\n\nUn indicador de vulnerabilidad es revisar el porcentaje de CPU del proceso httpd en la CLI: p. ej.,\n\"show system processes extensive | match httpd PID nobody 52 0 20M 191M select 2 0:01 80.00% httpd{httpd} \u0026lt;\u0026lt;\u0026lt;\u0026lt;\u0026lt; un indicador puede ser un elevado uso por parte de httpd\".\n"
}
],
"id": "CVE-2025-21601",
"lastModified": "2025-08-11T15:03:15.180",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2025-04-09T20:15:26.350",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA96452"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-573"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-21590
Vulnerability from fkie_nvd - Published: 2025-03-12 14:15 - Updated: 2025-10-24 16:44
Severity ?
Summary
An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.
A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.
This issue is not exploitable from the Junos CLI.
This issue affects Junos OS:
* All versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R1-S2, 24.2R2.
References
Impacted products
{
"cisaActionDue": "2025-04-03",
"cisaExploitAdd": "2025-03-13",
"cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:-:*:*:*:*:*:*",
"matchCriteriaId": "7BE0AAE6-1CD8-40CA-B48F-8831395F5097",
"versionEndIncluding": "21.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "35E0BB39-18AE-4FAD-A528-FDFF6222DDE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "5DCAA120-20A2-43D8-87D3-716225CE233F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A1C641-97E3-4844-96CE-B783EE9A0639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C470FB4E-A927-4AF3-ACB0-AD1E264218B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "44E98BC3-1D43-481A-AB09-FFA502C36AAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "1A0DA88F-6C61-4FEA-ABF3-99F7DD43DB0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "25B4FC60-140D-49EF-8011-A5888D8493B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s9:*:*:*:*:*:*",
"matchCriteriaId": "4CB6507D-FFEF-44B4-B27B-0FA8B4A3B3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "BC449CC7-B2D6-41CB-8D6C-81DE89E79520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "05E47861-3311-45E2-A722-8CD7FFDC2DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "748EAB0A-6B22-4098-8735-CC76BEAA9BB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F99AF592-0553-4E6F-8561-5F031A82A822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "08E2562F-FB18-4347-8497-7D61B8157EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "60A1E37B-1990-44D9-87FE-300678243BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "A6FB32DF-D062-4FB9-8777-452978BEC7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "B3B6C811-5C10-4486-849D-5559B592350A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0DAE7546-B585-4C6E-A9E6-D07C7FE1AD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "175CCB13-76C0-44A4-A71D-41E22B92EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "166BFDB3-1945-4949-BC2B-E18442FF2E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "5923610F-878C-48CA-8B5D-9C609E4DD4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "A7C207E3-0252-4192-8E8C-E2ED2831B4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB144AB0-6192-41FA-96A0-3CCA399FA10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*",
"matchCriteriaId": "89524D6D-0B22-4952-AD8E-8072C5A05D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "AD69A194-1B03-44EA-8092-79BD10C6F729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8463ADB4-B8A7-4D63-97A9-232ED713A21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "266B520A-482A-43F7-90F8-B9D64D30034F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.\n\nA local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.\nThis issue is not exploitable from the Junos CLI.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\u00a0\n * 22.2 versions before 22.2R3-S6,\u00a0\n * 22.4 versions before 22.4R3-S6,\u00a0\n * 23.2 versions before 23.2R2-S3,\u00a0\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R1-S2, 24.2R2."
},
{
"lang": "es",
"value": "Una vulnerabilidad de aislamiento o compartimentaci\u00f3n inadecuados en el kernel de Junos OS de Juniper Networks permite a un atacante local con privilegios elevados comprometer la integridad del dispositivo. Un atacante local con acceso al shell puede inyectar c\u00f3digo arbitrario que puede comprometer un dispositivo afectado. Este problema no se puede explotar desde la interfaz de l\u00ednea de comandos de Junos. Este problema afecta a Junos OS: * Todas las versiones anteriores a 21.2R3-S9, * Versiones 21.4 anteriores a 21.4R3-S10, * Versiones 22.2 anteriores a 22.2R3-S6, * Versiones 22.4 anteriores a 22.4R3-S6, * Versiones 23.2 anteriores a 23.2R2-S3, * Versiones 23.4 anteriores a 23.4R2-S4, * Versiones 24.2 anteriores a 24.2R1-S2 y 24.2R2."
}
],
"id": "CVE-2025-21590",
"lastModified": "2025-10-24T16:44:13.830",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2025-03-12T14:15:15.447",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
],
"url": "https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers"
},
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA93446"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-653"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-39549
Vulnerability from fkie_nvd - Published: 2024-07-11 17:15 - Updated: 2024-11-21 09:27
Severity ?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).
Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).
Memory utilization could be monitored by:
user@host> show system memory or show system monitor memory status
This issue affects:
Junos OS: * All versions before 21.2R3-S8,
* from 21.4 before 21.4R3-S8,
* from 22.2 before 22.2R3-S4,
* from 22.3 before 22.3R3-S3,
* from 22.4 before 22.4R3-S3,
* from 23.2 before 23.2R2-S1,
* from 23.4 before 23.4R1-S2, 23.4R2.
Junos OS Evolved:
* All versions before 21.2R3-S8-EVO,
* from 21.4 before 21.4R3-S8-EVO,
* from 22.2 before 22.2R3-S4-EVO,
* from 22.3 before 22.3R3-S3-EVO,
* from 22.4 before 22.4R3-S3-EVO,
* from 23.2 before 23.2R2-S1-EVO,
* from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA83011 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA83011 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6137CE1A-C9AC-4FDE-801F-E40249F902BC",
"versionEndIncluding": "21.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "35E0BB39-18AE-4FAD-A528-FDFF6222DDE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C470FB4E-A927-4AF3-ACB0-AD1E264218B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "44E98BC3-1D43-481A-AB09-FFA502C36AAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "1A0DA88F-6C61-4FEA-ABF3-99F7DD43DB0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "BC449CC7-B2D6-41CB-8D6C-81DE89E79520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "20EBC676-1B26-4A71-8326-0F892124290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "19326769-2F08-4E61-8246-CCE7AE4483F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*",
"matchCriteriaId": "89524D6D-0B22-4952-AD8E-8072C5A05D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "AD69A194-1B03-44EA-8092-79BD10C6F729",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8404916-D496-41C8-896B-24BAFE956C11",
"versionEndIncluding": "21.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "620B0CDD-5566-472E-B96A-31D2C12E3120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "2B770C52-7E3E-4B92-9138-85DEC56F3B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "E88AC378-461C-4EFA-A04B-5786FF21FE03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "3B0AFB30-81DC-465C-9F63-D1B15EA4809A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "2035F0AC-29E7-478A-A9D0-BAA3A88B3413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C34ABD4B-B045-4046-9641-66E3B2082A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "6D5DC04F-18DE-403B-BE93-2251F3332C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "909FC378-EBFE-4BA9-8393-0C8301438020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "9DB01252-2F11-41DB-9023-C74FD723334E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "F91450D5-F8CE-42EA-BB7E-312FCE024CD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "4E616550-8711-4282-A8A1-11BD5974E650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "C7FEFD0A-A969-4F53-8668-1231FD675D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "C63DBEE5-B0C2-498F-A672-B6596C89B0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "9370C46D-3AA1-4562-B67F-DF6EA10F209B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "2FB9F20B-7683-4B0D-8D2B-5569414EBC29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "FA4481D2-F693-48A5-8DBC-E86430987A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "136CA584-2475-4A14-9771-F367180201D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4546776C-A657-42E3-9A36-47F9F59A88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "156DD8ED-CE6E-48C0-9E67-16B04767D62E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "10F9C2B1-BD81-4EDC-ADF5-4B0F39001C7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "61F649B0-0121-4760-9432-5F57214EFC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "A4BB6910-B994-45FD-8153-5EC00EE842E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*",
"matchCriteriaId": "0DD89AAD-C615-42AF-B8AF-E6067862F0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "28AFF11D-E418-4A76-B557-F60622602537",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).\n\nConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).\n\nMemory utilization could be monitored by:\u00a0\nuser@host\u003e show system memory or show system monitor memory status\n\nThis issue affects:\n\nJunos OS:\u00a0 * All versions before 21.2R3-S8,\u00a0\n * from 21.4 before 21.4R3-S8,\n\n * from 22.2 before 22.2R3-S4,\u00a0\n * from 22.3 before 22.3R3-S3,\u00a0\n * from 22.4 before 22.4R3-S3,\n * from 23.2 before 23.2R2-S1,\u00a0\n * from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\n * All versions before 21.2R3-S8-EVO, \n * from 21.4 before 21.4R3-S8-EVO,\n * from 22.2 before 22.2R3-S4-EVO, \n * from 22.3 before 22.3R3-S3-EVO, \n * from 22.4 before 22.4R3-S3-EVO,\n\n * from 23.2 before 23.2R2-S1-EVO, \n * from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO."
},
{
"lang": "es",
"value": "Una vulnerabilidad de liberaci\u00f3n de memoria faltante despu\u00e9s de la vida \u00fatil efectiva en Routing Process Daemon (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite a un atacante enviar una actualizaci\u00f3n del atributo de ruta BGP con formato incorrecto que asigna la memoria utilizada para registrar el atributo de ruta incorrecta. Esta memoria no se libera correctamente en todas las circunstancias, lo que provoca una denegaci\u00f3n de servicio (DoS). La memoria consumida se puede liberar reiniciando manualmente Routing Protocol Daemon (rpd). La utilizaci\u00f3n de la memoria se puede monitorear mediante: user@host\u0026gt; show system memory or show system monitor memory status. Este problema afecta a: Junos OS: * Todas las versiones anteriores a 21.2R3-S8, * desde 21.4 antes de 21.4R3-S8, * desde 22.2 antes de 22.2 R3-S4, * de 22.3 antes de 22.3R3-S3, * de 22.4 antes de 22.4R3-S3, * de 23.2 antes de 23.2R2-S1, * de 23.4 antes de 23.4R1-S2, 23.4R2, * de 24.2 antes de 24.2R2- EVO. Junos OS Evolved: * Todas las versiones anteriores a 21.2R3-S8-EVO, * desde 21.4 anterior a 21.4R3-S8-EVO, * desde 22.2 anterior a 22.2R3-S4-EVO, * desde 22.3 anterior a 22.3R3-S3-EVO, * desde 22.4 antes de 22.4R3-S3-EVO, * desde 23.2 antes de 23.2R2-S1-EVO, * desde 23.4 antes de 23.4R1-S2, 23.4R2, * desde 24.2 antes de 24.2R2-EVO."
}
],
"id": "CVE-2024-39549",
"lastModified": "2024-11-21T09:27:59.253",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "sirt@juniper.net",
"type": "Primary"
}
]
},
"published": "2024-07-11T17:15:15.433",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA83011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA83011"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-39550
Vulnerability from fkie_nvd - Published: 2024-07-11 17:15 - Updated: 2025-09-04 02:27
Severity ?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps) to cause a slow memory leak, ultimately leading to a Denial of Service (DoS).
Memory can only be recovered by manually restarting rtlogd process.
The memory usage can be monitored using the below command.
user@host> show system processes extensive | match rtlog
This issue affects Junos OS on MX Series with SPC3 line card:
* from 21.2R3 before 21.2R3-S8,
* from 21.4R2 before 21.4R3-S6,
* from 22.1 before 22.1R3-S5,
* from 22.2 before 22.2R3-S3,
* from 22.3 before 22.3R3-S2,
* from 22.4 before 22.4R3-S1,
* from 23.2 before 23.2R2,
* from 23.4 before 23.4R2.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA83012 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA83012 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "35E0BB39-18AE-4FAD-A528-FDFF6222DDE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C470FB4E-A927-4AF3-ACB0-AD1E264218B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "EFF72FCA-C440-4D43-9BDB-F712DB413717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "DE69E9E3-00FC-41BF-9109-617668CF9A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "20EBC676-1B26-4A71-8326-0F892124290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process\u00a0of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps)\u00a0to cause a slow memory leak, ultimately leading to a Denial of Service (DoS). \n\nMemory can only be recovered by manually restarting rtlogd process.\u00a0\nThe memory usage can be monitored using the below command.\n\n\u2003\u2003\u2003\u2003user@host\u003e show system processes extensive | match rtlog\u00a0\n\n\n\nThis issue affects Junos OS on MX Series with SPC3 line card:\u00a0\n\n\n\n * from 21.2R3 before 21.2R3-S8,\u00a0\n * from 21.4R2 before 21.4R3-S6,\u00a0\n * from 22.1 before 22.1R3-S5,\u00a0\n * from 22.2 before 22.2R3-S3,\u00a0\n * from 22.3 before 22.3R3-S2,\u00a0\n * from 22.4 before 22.4R3-S1,\u00a0\n * from 23.2 before 23.2R2,\u00a0\n * from 23.4 before 23.4R2."
},
{
"lang": "es",
"value": "Una vulnerabilidad de liberaci\u00f3n de memoria faltante despu\u00e9s de la vida \u00fatil efectiva en el proceso rtlogd de Juniper Networks Junos OS en la serie MX con SPC3 permite que un atacante adyacente no autenticado desencadene una causa de eventos internos (que se puede lograr mediante solapas repetidas de puertos) para causar una p\u00e9rdida de memoria lenta. , lo que en \u00faltima instancia conduce a una denegaci\u00f3n de servicio (DoS). La memoria s\u00f3lo se puede recuperar reiniciando manualmente el proceso rtlogd. El uso de la memoria se puede monitorear usando el siguiente comando. usuario@host\u0026gt; show system processes extensive | match rtlog Este problema afecta a Junos OS en la serie MX con tarjeta de l\u00ednea SPC3: * desde 21.2R3 antes de 21.2R3-S8, * desde 21.4R2 antes de 21.4R3-S6, * desde 22.1 antes de 22.1R3-S5, * desde 22.2 antes de 22.2R3 -S3, * de 22.3 antes de 22.3R3-S2, * de 22.4 antes de 22.4R3-S1, * de 23.2 antes de 23.2R2, * de 23.4 antes de 23.4R2."
}
],
"id": "CVE-2024-39550",
"lastModified": "2025-09-04T02:27:09.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2024-07-11T17:15:15.900",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA83012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA83012"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-39542
Vulnerability from fkie_nvd - Published: 2024-07-11 17:15 - Updated: 2025-08-08 16:43
Severity ?
Summary
An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a Denial-of-Service (DoS).
This issue can occur in two scenarios:
1. If a device, which is configured with SFLOW and ECMP, receives specific valid transit traffic, which is subject to sampling, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted. (This scenario is only applicable to PTX but not to ACX or MX.)
2. If a device receives a malformed CFM packet on an interface configured with CFM, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted. Please note that the CVSS score is for the formally more severe issue 1.
The CVSS score for scenario 2. is: 6.5 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
This issue affects Junos OS:
* All versions before 21.2R3-S4,
* 21.4 versions before 21.4R2,
* 22.2 versions before 22.2R3-S2;
Junos OS Evolved:
* All versions before 21.2R3-S8-EVO,
* 21.4 versions before 21.4R2-EVO.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA83002 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA83002 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.2 | |
| juniper | junos_os_evolved | 21.4 | |
| juniper | junos_os_evolved | 21.4 | |
| juniper | junos_os_evolved | 21.4 | |
| juniper | junos_os_evolved | 21.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "620B0CDD-5566-472E-B96A-31D2C12E3120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "2B770C52-7E3E-4B92-9138-85DEC56F3B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "E88AC378-461C-4EFA-A04B-5786FF21FE03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "3B0AFB30-81DC-465C-9F63-D1B15EA4809A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "2035F0AC-29E7-478A-A9D0-BAA3A88B3413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C34ABD4B-B045-4046-9641-66E3B2082A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "6D5DC04F-18DE-403B-BE93-2251F3332C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "909FC378-EBFE-4BA9-8393-0C8301438020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a Denial-of-Service (DoS).\n\nThis issue can occur in two scenarios:\n\n1. If a device, which is configured with SFLOW and ECMP, receives specific valid transit traffic, which is subject to sampling, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted. (This scenario is only applicable to PTX but not to ACX or MX.)\n\n2. If a device receives a malformed CFM packet on an interface configured with CFM, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted.\u00a0Please note that the CVSS score is for the formally more severe issue 1.\n\nThe CVSS score for scenario 2. is: 6.5 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n\n\n\nThis issue affects Junos OS:\n\n\n\n * All versions before\u00a021.2R3-S4,\n * 21.4 versions before 21.4R2,\n * 22.2 versions before 22.2R3-S2;\u00a0\n\n\n\n\nJunos OS Evolved:\n\n\n\n\n * All versions before\u00a021.2R3-S8-EVO,\n * 21.4 versions before 21.4R2-EVO."
},
{
"lang": "es",
"value": "Una validaci\u00f3n inadecuada de la correcci\u00f3n sint\u00e1ctica de la vulnerabilidad de entrada en Packet Forwarding Engine (PFE) de Juniper Networks Junos OS en la serie MX con MPC10/11 o LC9600, MX304 y Junos OS evolucionado en las series ACX y PTX permite una vulnerabilidad basada en red no autenticada atacante cause una denegaci\u00f3n de servicio (DoS). Este problema puede ocurrir en dos escenarios: 1. Si un dispositivo, que est\u00e1 configurado con SFLOW y ECMP, recibe tr\u00e1fico de tr\u00e1nsito v\u00e1lido espec\u00edfico, que est\u00e1 sujeto a muestreo, el proceso de paquete falla, lo que a su vez conduce a un fallo de evo-aftman y hace que el FPC deje de funcionar hasta que se reinicie. (Este escenario solo se aplica a PTX pero no a ACX o MX). 2. Si un dispositivo recibe un paquete CFM con formato incorrecto en una interfaz configurada con CFM, el proceso de paquete falla, lo que a su vez provoca un bloqueo de evo-aftman y provoca el FPC deje de funcionar hasta que se reinicie. Tenga en cuenta que la puntuaci\u00f3n CVSS es para el problema formalmente m\u00e1s grave 1. La puntuaci\u00f3n CVSS para el escenario 2 es: 6,5 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/ C:N/I:N/A:H) Este problema afecta a Junos OS: * Todas las versiones anteriores a 21.2R3-S4, * Versiones 21.4 anteriores a 21.4R2, * Versiones 22.2 anteriores a 22.2R3-S2; Junos OS Evolved: * Todas las versiones anteriores a 21.2R3-S8-EVO, * Versiones 21.4 anteriores a 21.4R2-EVO."
}
],
"id": "CVE-2024-39542",
"lastModified": "2025-08-08T16:43:44.233",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2024-07-11T17:15:13.367",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA83002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA83002"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1286"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-39540
Vulnerability from fkie_nvd - Published: 2024-07-11 17:15 - Updated: 2025-04-11 14:50
Severity ?
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
When an affected device receives specific valid TCP traffic, the pfe crashes and restarts leading to a momentary but complete service outage.
This issue affects Junos OS:
21.2 releases from 21.2R3-S5 before 21.2R3-S6.
This issue does not affect earlier or later releases.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA83000 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA83000 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | 21.2 | |
| juniper | csrx | - | |
| juniper | mx240 | - | |
| juniper | mx480 | - | |
| juniper | mx960 | - | |
| juniper | srx100 | - | |
| juniper | srx110 | - | |
| juniper | srx1400 | - | |
| juniper | srx1500 | - | |
| juniper | srx1600 | - | |
| juniper | srx210 | - | |
| juniper | srx220 | - | |
| juniper | srx2300 | - | |
| juniper | srx240 | - | |
| juniper | srx240h2 | - | |
| juniper | srx240m | - | |
| juniper | srx300 | - | |
| juniper | srx320 | - | |
| juniper | srx340 | - | |
| juniper | srx3400 | - | |
| juniper | srx345 | - | |
| juniper | srx3600 | - | |
| juniper | srx380 | - | |
| juniper | srx4000 | - | |
| juniper | srx4100 | - | |
| juniper | srx4200 | - | |
| juniper | srx4300 | - | |
| juniper | srx4600 | - | |
| juniper | srx4700 | - | |
| juniper | srx5000 | - | |
| juniper | srx5400 | - | |
| juniper | srx550 | - | |
| juniper | srx550_hm | - | |
| juniper | srx550m | - | |
| juniper | srx5600 | - | |
| juniper | srx5800 | - | |
| juniper | srx650 | - | |
| juniper | vsrx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE06B18-BFB5-4029-A05D-386CFBFBF683",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48A1DCCD-208C-46D9-8E14-89592B49AB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0D31FF-0812-42B8-B25E-03C35EC1B021",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "826F893F-7B06-43B5-8653-A8D9794C052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "462CFD52-D3E2-4F7A-98AC-C589D2420556",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nWhen an affected device receives specific valid TCP traffic, the pfe crashes and restarts leading to a momentary but complete service outage.\n\nThis issue affects Junos OS:\n\n21.2 releases from 21.2R3-S5 before 21.2R3-S6.\n\nThis issue does not affect earlier or later releases."
},
{
"lang": "es",
"value": "Una verificaci\u00f3n inadecuada de la vulnerabilidad de condiciones inusuales o excepcionales en Packet Forwarding Engine (pfe) de Juniper Networks Junos OS en la serie SRX y la serie MX con SPC3 permite que un atacante no autenticado basado en red provoque una denegaci\u00f3n de servicio (DoS) . Cuando un dispositivo afectado recibe tr\u00e1fico TCP v\u00e1lido espec\u00edfico, el pfe falla y se reinicia, lo que provoca una interrupci\u00f3n moment\u00e1nea pero completa del servicio. Este problema afecta a Junos OS: versiones 21.2 de 21.2R3-S5 anteriores a 21.2R3-S6. Este problema no afecta a las versiones anteriores ni posteriores."
}
],
"id": "CVE-2024-39540",
"lastModified": "2025-04-11T14:50:12.097",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "sirt@juniper.net",
"type": "Primary"
}
]
},
"published": "2024-07-11T17:15:12.883",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA83000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA83000"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-39539
Vulnerability from fkie_nvd - Published: 2024-07-11 17:15 - Updated: 2025-04-11 14:47
Severity ?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).
In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart.
This issue affects Junos OS on MX Series:
* All version before 21.2R3-S6,
* 21.4 versions before 21.4R3-S6,
* 22.1 versions before 22.1R3-S5,
* 22.2 versions before 22.2R3-S3,
* 22.3 versions before 22.3R3-S2,
* 22.4 versions before 22.4R3,
* 23.2 versions before 23.2R2.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA82999 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA82999 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "331C0F12-D9B9-483B-9EF0-28E48ED8346D",
"versionEndExcluding": "21.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C470FB4E-A927-4AF3-ACB0-AD1E264218B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "EFF72FCA-C440-4D43-9BDB-F712DB413717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "DE69E9E3-00FC-41BF-9109-617668CF9A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "20EBC676-1B26-4A71-8326-0F892124290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72952BFC-45B9-4379-8D9A-A10132CC34EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84F7BB7E-3A52-4C23-A4D2-50E75C912AFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C39DA74D-F5C7-4C11-857D-50631A110644",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx304:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7FB0CC-624D-4AB9-A7AC-BB19838C3B22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a\u00a0Denial-of-Service (DoS).\n\nIn a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart.\n\nThis issue affects Junos OS on MX Series:\n\n\n\n * All version before 21.2R3-S6,\n * 21.4 versions before 21.4R3-S6,\n * 22.1 versions before 22.1R3-S5,\n * 22.2 versions before 22.2R3-S3,\u00a0\n * 22.3 versions before 22.3R3-S2,\n * 22.4 versions before 22.4R3,\n * 23.2 versions before 23.2R2."
},
{
"lang": "es",
"value": "Una vulnerabilidad de liberaci\u00f3n de memoria faltante despu\u00e9s de la vida \u00fatil efectiva en Juniper Networks Junos OS en la serie MX permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). En un escenario de gesti\u00f3n de suscriptores, los inicios de sesi\u00f3n continuos de los suscriptores provocar\u00e1n una p\u00e9rdida de memoria y, eventualmente, provocar\u00e1n un bloqueo y reinicio del FPC. Este problema afecta a Junos OS en la serie MX: * Todas las versiones anteriores a 21.2R3-S6, * Versiones 21.4 anteriores a 21.4R3-S6, * Versiones 22.1 anteriores a 22.1R3-S5, * Versiones 22.2 anteriores a 22.2R3-S3, * Versiones 22.3 anteriores a 22.3 R3-S2, *versiones 22.4 anteriores a 22.4R3, *versiones 23.2 anteriores a 23.2R2."
}
],
"id": "CVE-2024-39539",
"lastModified": "2025-04-11T14:47:34.467",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "sirt@juniper.net",
"type": "Primary"
}
]
},
"published": "2024-07-11T17:15:12.633",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA82999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA82999"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-21601 (GCVE-0-2025-21601)
Vulnerability from cvelistv5 – Published: 2025-04-09 19:51 – Updated: 2025-04-15 20:30
VLAI?
Summary
An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an unauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive.
Continuous receipt of these packets will create a sustained Denial of Service (DoS) condition.
This issue affects Junos OS:
* All versions before 21.4R3-S9,
* from 22.2 before 22.2R3-S5,
* from 22.4 before 22.4R3-S4,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S3,
* from 24.2 before 24.2R1-S1, 24.2R2.
An indicator of compromise is to review the CPU % of the httpd process in the CLI:
e.g.
show system processes extensive | match httpd PID nobody 52 0 20M 191M select 2 0:01 80.00% httpd{httpd} <<<<< the percentage of httpd usage if high may be an indicator
Severity ?
CWE
- 573 - Improper Following of Specification by Caller
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 21.4R3-S9
(semver)
Affected: 22.2 , < 22.2R3-S5 (semver) Affected: 22.4 , < 22.4R3-S4 (semver) Affected: 23.2 , < 23.2R2-S3 (semver) Affected: 23.4 , < 23.4R2-S3 (semver) Affected: 24.2 , < 24.2R1-S1, 24.2R2 (semver) |
Credits
Alexander Zielke with VegaSystems GmbH & Co. KG
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21601",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T13:11:29.847130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-573",
"description": "CWE-573 Improper Following of Specification by Caller",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T20:30:05.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"J-Web",
"Captive Portal",
"802.1X",
"Juniper Secure Connect (JSC)",
"Firewall Authentication"
],
"packageName": "AppWeb",
"platforms": [
"SRX Series",
"EX Series",
"MX240",
"MX480",
"MX960",
"QFX5120 Series"
],
"product": "Junos OS",
"programRoutines": [
{
"name": "Mbedthis AppWeb"
}
],
"repo": "https://www.embedthis.com/appweb",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.4R3-S9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S5",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S4",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S3",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R1-S1, 24.2R2",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following minimal configuration is necessary:\u003c/p\u003e\u003ccode\u003e\u0026nbsp; [ system services web-management ]\u003c/code\u003e"
}
],
"value": "The following minimal configuration is necessary:\n\n\u00a0 [ system services web-management ]"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Alexander Zielke with VegaSystems GmbH \u0026 Co. KG"
}
],
"datePublic": "2025-04-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003eJuniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;un\u003c/span\u003eauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive. \u003cbr\u003e\u003cbr\u003eContinuous receipt of these packets will create a sustained Denial of Service (DoS) condition.\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.4R3-S9,\u003c/li\u003e\u003cli\u003efrom 22.2 before 22.2R3-S5,\u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S4,\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2-S3,\u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2-S3,\u003c/li\u003e\u003cli\u003efrom 24.2 before 24.2R1-S1, 24.2R2.\u003c/li\u003e\u003c/ul\u003eAn indicator of compromise is to review the CPU % of the httpd process in the CLI:\u003cbr\u003ee.g.\u003cbr\u003e\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;show system processes extensive | match httpd\u003c/span\u003e\u003cp\u003e\u003cstrong\u003e\u0026nbsp; \u003c/strong\u003ePID nobody \u0026nbsp; \u0026nbsp; \u0026nbsp; 52 \u0026nbsp; 0 \u0026nbsp; 20M\u0026nbsp; \u0026nbsp; 191M select \u0026nbsp; 2 \u0026nbsp; 0:01 \u0026nbsp; 80.00% httpd{httpd} \u003cstrong\u003e\u0026lt;\u0026lt;\u0026lt;\u0026lt;\u0026lt; the percentage of httpd usage if high may be an indicator\u003c/strong\u003e\u003c/p\u003e"
}
],
"value": "An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of\u00a0Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an\u00a0unauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive. \n\nContinuous receipt of these packets will create a sustained Denial of Service (DoS) condition.\n\n\n\n\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.4R3-S9,\n * from 22.2 before 22.2R3-S5,\n * from 22.4 before 22.4R3-S4,\n * from 23.2 before 23.2R2-S3,\n * from 23.4 before 23.4R2-S3,\n * from 24.2 before 24.2R1-S1, 24.2R2.\n\n\nAn indicator of compromise is to review the CPU % of the httpd process in the CLI:\ne.g.\n\u00a0\u00a0show system processes extensive | match httpd\u00a0 PID nobody \u00a0 \u00a0 \u00a0 52 \u00a0 0 \u00a0 20M\u00a0 \u00a0 191M select \u00a0 2 \u00a0 0:01 \u00a0 80.00% httpd{httpd} \u003c\u003c\u003c\u003c\u003c the percentage of httpd usage if high may be an indicator"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "573 - Improper Following of Specification by Caller",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T19:51:36.325Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA96452"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS: 21.4R3-S9, 22.2R3-S5, 22.4R3-S4, 23.2R2-S3, 23.4R2-S3, 24.2R1-S1, 24.2R2, 24.4R1, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS: 21.4R3-S9, 22.2R3-S5, 22.4R3-S4, 23.2R2-S3, 23.4R2-S3, 24.2R1-S1, 24.2R2, 24.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA96452",
"defect": [
"1827265"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-09T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS: SRX and EX Series, MX240, MX480, MX960, QFX5120 Series: When web management is enabled for specific services an attacker may cause a CPU spike by sending genuine packets to the device",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue.\u003cbr\u003e\u003cbr\u003eTo reduce the risk of exploitation use authentication when using web management services.\u003cbr\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\nTo reduce the risk of exploitation use authentication when using web management services."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2025-21601",
"datePublished": "2025-04-09T19:51:36.325Z",
"dateReserved": "2024-12-26T14:47:11.670Z",
"dateUpdated": "2025-04-15T20:30:05.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-21590 (GCVE-0-2025-21590)
Vulnerability from cvelistv5 – Published: 2025-03-12 13:59 – Updated: 2025-10-21 22:55
VLAI?
Summary
An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.
A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.
This issue is not exploitable from the Junos CLI.
This issue affects Junos OS:
* All versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R1-S2, 24.2R2.
Severity ?
4.4 (Medium)
CWE
- CWE-653 - Improper Isolation or Compartmentalization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 21.2R3-S9
(semver)
Affected: 21.4 , < 21.4R3-S10 (semver) Affected: 22.2 , < 22.2R3-S6 (semver) Affected: 22.4 , < 22.4R3-S6 (semver) Affected: 23.2 , < 23.2R2-S3 (semver) Affected: 23.4 , < 23.4R2-S4 (semver) Affected: 24.2 , < 24.2R1-S2, 24.2R2 (semver) |
Credits
Juniper SIRT would like to acknowledge and thank Matteo Memelli from Amazon for responsibly reporting this issue. Note: Amazon found the issue during internal security research and not due to exploitation.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21590",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-14T03:55:21.999597Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:23.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-13T00:00:00+00:00",
"value": "CVE-2025-21590 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S10",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S6",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S6",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S4",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R1-S2, 24.2R2",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Juniper SIRT would like to acknowledge and thank Matteo Memelli from Amazon for responsibly reporting this issue. Note: Amazon found the issue during internal security research and not due to exploitation."
}
],
"datePublic": "2025-03-12T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.\u003cbr\u003e\u003cbr\u003eA local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.\u003cbr\u003eThis issue is not exploitable from the Junos CLI.\u003cbr\u003e\u003cp\u003eThis issue affects Junos OS:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.2R3-S9,\u003c/li\u003e\u003cli\u003e21.4 versions before 21.4R3-S10,\u0026nbsp;\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S6,\u0026nbsp;\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3-S6,\u0026nbsp;\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S3,\u0026nbsp;\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S4,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R1-S2, 24.2R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.\n\nA local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.\nThis issue is not exploitable from the Junos CLI.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\u00a0\n * 22.2 versions before 22.2R3-S6,\u00a0\n * 22.4 versions before 22.4R3-S6,\u00a0\n * 23.2 versions before 23.2R2-S3,\u00a0\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R1-S2, 24.2R2."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "At least one instance of malicious exploitation has been reported to the Juniper SIRT. Customers are encouraged to upgrade to a fixed release as soon as it\u0027s available and in the meantime take steps to mitigate this vulnerability."
}
],
"value": "At least one instance of malicious exploitation has been reported to the Juniper SIRT. Customers are encouraged to upgrade to a fixed release as soon as it\u0027s available and in the meantime take steps to mitigate this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-653",
"description": "CWE-653 Improper Isolation or Compartmentalization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T08:00:02.011Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA93446"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases.\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\u003cp\u003ePlease note that this issue is not fixed for all platforms in the releases specified in the solution section.\u003c/p\u003e\n\u003cp\u003eFor the following products the fix is only available in these releases:\u003c/p\u003e\n\u003cp\u003eSRX300 Series\u2003\u0026nbsp; 21.2R3-S9, 23.4R2-S5*, 24.4R1\u003c/p\u003e\n\u003cp\u003eSRX550HM\u2003\u2003\u2003 22.2R3-S7*\u003c/p\u003e\n\u003cp\u003eEX4300 Series \u0026nbsp; \u0026nbsp; 21.4R3-S11* (except EX4300-48MP which has fixes available as indicated in the solution)\u003c/p\u003e\n\u003cp\u003eEX4600 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 21.4R3-S11* (except EX4650 which has fixes available as indicated in the solution)\u003c/p\u003e\n\u003cp\u003eACX1000, ACX1100, ACX2100, ACX2200, ACX4000,\u003c/p\u003e\n\u003cp\u003eACX500 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;21.2R3-S9\u003c/p\u003e\n\u003cp\u003eMX104 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 21.2R3-S9\u003c/p\u003e\n\u003cp\u003e* Future Release\u0026nbsp;\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases.\n\n\n\u00a0\n\n\nPlease note that this issue is not fixed for all platforms in the releases specified in the solution section.\n\n\nFor the following products the fix is only available in these releases:\n\n\nSRX300 Series\u2003\u00a0 21.2R3-S9, 23.4R2-S5*, 24.4R1\n\n\nSRX550HM\u2003\u2003\u2003 22.2R3-S7*\n\n\nEX4300 Series \u00a0 \u00a0 21.4R3-S11* (except EX4300-48MP which has fixes available as indicated in the solution)\n\n\nEX4600 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 21.4R3-S11* (except EX4650 which has fixes available as indicated in the solution)\n\n\nACX1000, ACX1100, ACX2100, ACX2200, ACX4000,\n\n\nACX500 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a021.2R3-S9\n\n\nMX104 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 21.2R3-S9\n\n\n* Future Release"
}
],
"source": {
"advisory": "JSA93446",
"defect": [
"1838460",
"1872010"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2025-03-12T14:00:00.000Z",
"value": "Initial Publication"
},
{
"lang": "en",
"time": "2025-03-12T15:16:00.000Z",
"value": "Corrected hotlinks for CVSS assessments"
},
{
"lang": "en",
"time": "2025-03-14T14:00:00.000Z",
"value": "Rephrased sentences on Amazon involvement to reduce the chance for confusion"
},
{
"lang": "en",
"time": "2025-04-09T08:17:00.000Z",
"value": "Updated solution section to clarify which platforms are not fixed in all but only in specific releases"
},
{
"lang": "en",
"time": "2025-04-14T07:15:00.000Z",
"value": "For the products/platforms specifically mentioned in the solution section: Please note that Junos OS version 21.2R3-S9.20, which was made available last week, does not address the issue completely. We\u0027ll publish an updated version with the complete fix and update this advisory as soon as possible."
},
{
"lang": "en",
"time": "2025-05-06T08:00:00.000Z",
"value": "For the products/platforms specifically mentioned in the solution section: Please note that Junos OS version 21.2R3-S9.21 has been publish with the complete fix."
}
],
"title": "Junos OS: An local attacker with shell access can execute arbitrary code",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is strongly recommended to mitigate the risk of exploitation by restricting shell access to trusted users only.\n\n\u003cbr\u003e"
}
],
"value": "It is strongly recommended to mitigate the risk of exploitation by restricting shell access to trusted users only."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2025-21590",
"datePublished": "2025-03-12T13:59:43.038Z",
"dateReserved": "2024-12-26T14:47:11.667Z",
"dateUpdated": "2025-10-21T22:55:23.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39550 (GCVE-0-2024-39550)
Vulnerability from cvelistv5 – Published: 2024-07-11 16:29 – Updated: 2024-08-02 04:26
VLAI?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps) to cause a slow memory leak, ultimately leading to a Denial of Service (DoS).
Memory can only be recovered by manually restarting rtlogd process.
The memory usage can be monitored using the below command.
user@host> show system processes extensive | match rtlog
This issue affects Junos OS on MX Series with SPC3 line card:
* from 21.2R3 before 21.2R3-S8,
* from 21.4R2 before 21.4R3-S6,
* from 22.1 before 22.1R3-S5,
* from 22.2 before 22.2R3-S3,
* from 22.3 before 22.3R3-S2,
* from 22.4 before 22.4R3-S1,
* from 23.2 before 23.2R2,
* from 23.4 before 23.4R2.
Severity ?
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
21.2R3 , < 21.2R3-S8
(semver)
Affected: 21.4R2 , < 21.4R3-S6 (semver) Affected: 22.1 , < 22.1R3-S5 (semver) Affected: 22.2 , < 22.2R3-S3 (semver) Affected: 22.3 , < 22.3R3-S2 (semver) Affected: 22.4 , < 22.4R3-S1 (semver) Affected: 23.2 , < 23.2R2 (semver) Affected: 23.4 , < 23.4R2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T18:47:29.420589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T18:47:38.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA83012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MX Series with SPC3"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S8",
"status": "affected",
"version": "21.2R3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S6",
"status": "affected",
"version": "21.4R2",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S5",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S3",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S2",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S1",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNext Gen Services\u0026nbsp;\u003c/span\u003ecan be enabled by using this command:\u0026nbsp;\u003cbr\u003e\u003cbr\u003euser@host\u0026gt; request system enable unified-services\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAfter you enter \u003c/span\u003e\u003ccode\u003erequest system enable unified-services\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, reboot the chassis.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Next Gen Services\u00a0can be enabled by using this command:\u00a0\n\nuser@host\u003e request system enable unified-services\n\nAfter you enter request system enable unified-services, reboot the chassis."
}
],
"datePublic": "2024-07-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;of \u003c/span\u003eJuniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps)\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eto cause a slow memory leak, ultimately leading to a Denial of Service (DoS). \u003cbr\u003e\u003cbr\u003eMemory can only be recovered by manually restarting rtlogd process.\u0026nbsp;\u003cbr\u003e\u003cp\u003eThe memory usage can be monitored using the below command.\u003c/p\u003e\u003ccode\u003e\u2003\u2003\u2003\u2003user@host\u0026gt; show system processes extensive | match rtlog\u0026nbsp;\u003cbr\u003e\u003c/code\u003e\u003c/span\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS on MX Series with SPC3 line card:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003efrom 21.2R3 before 21.2R3-S8,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 21.4R2 before 21.4R3-S6,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.1 before 22.1R3-S5,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.2 before 22.2R3-S3,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S2,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S1,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process\u00a0of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps)\u00a0to cause a slow memory leak, ultimately leading to a Denial of Service (DoS). \n\nMemory can only be recovered by manually restarting rtlogd process.\u00a0\nThe memory usage can be monitored using the below command.\n\n\u2003\u2003\u2003\u2003user@host\u003e show system processes extensive | match rtlog\u00a0\n\n\n\nThis issue affects Junos OS on MX Series with SPC3 line card:\u00a0\n\n\n\n * from 21.2R3 before 21.2R3-S8,\u00a0\n * from 21.4R2 before 21.4R3-S6,\u00a0\n * from 22.1 before 22.1R3-S5,\u00a0\n * from 22.2 before 22.2R3-S3,\u00a0\n * from 22.3 before 22.3R3-S2,\u00a0\n * from 22.4 before 22.4R3-S1,\u00a0\n * from 23.2 before 23.2R2,\u00a0\n * from 23.4 before 23.4R2."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/R:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T16:29:03.646Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA83012"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:\u003cbr\u003e \u003cbr\u003eJunos OS: 21.2R3-S8, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3-S1, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue:\n \nJunos OS: 21.2R3-S8, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3-S1, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA83012",
"defect": [
"1779424"
],
"discovery": "USER"
},
"title": "Junos OS: MX Series with SPC3 line card: Port flaps causes rtlogd memory leak leading to Denial of Service",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2024-39550",
"datePublished": "2024-07-11T16:29:03.646Z",
"dateReserved": "2024-06-25T15:12:53.246Z",
"dateUpdated": "2024-08-02T04:26:15.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39549 (GCVE-0-2024-39549)
Vulnerability from cvelistv5 – Published: 2024-07-11 16:27 – Updated: 2025-02-26 18:16
VLAI?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).
Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).
Memory utilization could be monitored by:
user@host> show system memory or show system monitor memory status
This issue affects:
Junos OS: * All versions before 21.2R3-S8,
* from 21.4 before 21.4R3-S8,
* from 22.2 before 22.2R3-S4,
* from 22.3 before 22.3R3-S3,
* from 22.4 before 22.4R3-S3,
* from 23.2 before 23.2R2-S1,
* from 23.4 before 23.4R1-S2, 23.4R2.
Junos OS Evolved:
* All versions before 21.2R3-S8-EVO,
* from 21.4 before 21.4R3-S8-EVO,
* from 22.2 before 22.2R3-S4-EVO,
* from 22.3 before 22.3R3-S3-EVO,
* from 22.4 before 22.4R3-S3-EVO,
* from 23.2 before 23.2R2-S1-EVO,
* from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.
Severity ?
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 21.2R3-S8
(semver)
Affected: 21.4 , < 21.4R3-S8 (semver) Affected: 22.2 , < 22.2R3-S4 (semver) Affected: 22.3 , < 22.3R3-S3 (semver) Affected: 22.4 , < 22.4R3-S3 (semver) Affected: 23.2 , < 23.2R2-S1 (semver) Affected: 23.4 , < 23.4R1-S2, 23.4R2 (semver) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "junos_os",
"vendor": "juniper",
"versions": [
{
"lessThan": "21.2R3-S8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S3",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S1",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R1-S2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "23.4R2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R2",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "junos_os_evolved",
"vendor": "juniper",
"versions": [
{
"lessThan": "21.2R3-S8-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8-EVO",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4-EVO",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S3-EVO",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S3-EVO",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S1-EVO",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R1-S2-EVO",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "23.4R2-EVO",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R2-EVO",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39549",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T18:16:20.812180Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T18:16:27.497Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA83011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S3",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S1",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R1-S2, 23.4R2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S8-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8-EVO",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4-EVO",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S3-EVO",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S3-EVO",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S1-EVO",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R1-S2-EVO, 23.4R2-EVO",
"status": "affected",
"version": "23.4",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-07-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u0026nbsp;Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory utilization could be monitored by:\u0026nbsp;\u003cbr\u003euser@host\u0026gt; show system memory or show system monitor memory status\u003c/span\u003e\u003cbr\u003e\u003cbr\u003eThis issue affects:\u003cbr\u003e\u003cbr\u003eJunos OS:\u0026nbsp;\u003cul\u003e\u003cli\u003eAll versions before 21.2R3-S8,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 21.4 before 21.4R3-S8,\u003cbr\u003e\u003c/li\u003e\u003cli\u003efrom 22.2 before 22.2R3-S4,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S3,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S3,\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2-S1,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R1-S2, 23.4R2.\u003c/li\u003e\u003c/ul\u003eJunos OS Evolved:\u003cbr\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.2R3-S8-EVO, \u003c/li\u003e\u003cli\u003efrom 21.4 before 21.4R3-S8-EVO,\u003c/li\u003e\u003cli\u003efrom 22.2 before 22.2R3-S4-EVO, \u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S3-EVO, \u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S3-EVO,\u003cbr\u003e\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2-S1-EVO, \u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).\n\nConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).\n\nMemory utilization could be monitored by:\u00a0\nuser@host\u003e show system memory or show system monitor memory status\n\nThis issue affects:\n\nJunos OS:\u00a0 * All versions before 21.2R3-S8,\u00a0\n * from 21.4 before 21.4R3-S8,\n\n * from 22.2 before 22.2R3-S4,\u00a0\n * from 22.3 before 22.3R3-S3,\u00a0\n * from 22.4 before 22.4R3-S3,\n * from 23.2 before 23.2R2-S1,\u00a0\n * from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\n * All versions before 21.2R3-S8-EVO, \n * from 21.4 before 21.4R3-S8-EVO,\n * from 22.2 before 22.2R3-S4-EVO, \n * from 22.3 before 22.3R3-S3-EVO, \n * from 22.4 before 22.4R3-S3-EVO,\n\n * from 23.2 before 23.2R2-S1-EVO, \n * from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401: Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T21:09:45.677Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA83011"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:\u003cbr\u003e \u003cbr\u003eJunos OS: 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e22.4R3-S3,\u0026nbsp;\u003c/span\u003e23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.\u003cbr\u003e\u003cbr\u003e\nJunos OS Evolved:\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e21.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e22.3R3-S3-EVO,\u0026nbsp;\u003c/span\u003e22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and all subsequent releases.\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue:\n \nJunos OS: 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, 22.4R3-S3,\u00a023.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.\n\n\nJunos OS Evolved:\u00a021.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO,\u00a022.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and all subsequent releases."
}
],
"source": {
"advisory": "JSA83011",
"defect": [
"1778879"
],
"discovery": "INTERNAL"
},
"title": "Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2024-39549",
"datePublished": "2024-07-11T16:27:19.238Z",
"dateReserved": "2024-06-25T15:12:53.246Z",
"dateUpdated": "2025-02-26T18:16:27.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-21601 (GCVE-0-2025-21601)
Vulnerability from nvd – Published: 2025-04-09 19:51 – Updated: 2025-04-15 20:30
VLAI?
Summary
An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an unauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive.
Continuous receipt of these packets will create a sustained Denial of Service (DoS) condition.
This issue affects Junos OS:
* All versions before 21.4R3-S9,
* from 22.2 before 22.2R3-S5,
* from 22.4 before 22.4R3-S4,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S3,
* from 24.2 before 24.2R1-S1, 24.2R2.
An indicator of compromise is to review the CPU % of the httpd process in the CLI:
e.g.
show system processes extensive | match httpd PID nobody 52 0 20M 191M select 2 0:01 80.00% httpd{httpd} <<<<< the percentage of httpd usage if high may be an indicator
Severity ?
CWE
- 573 - Improper Following of Specification by Caller
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 21.4R3-S9
(semver)
Affected: 22.2 , < 22.2R3-S5 (semver) Affected: 22.4 , < 22.4R3-S4 (semver) Affected: 23.2 , < 23.2R2-S3 (semver) Affected: 23.4 , < 23.4R2-S3 (semver) Affected: 24.2 , < 24.2R1-S1, 24.2R2 (semver) |
Credits
Alexander Zielke with VegaSystems GmbH & Co. KG
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21601",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T13:11:29.847130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-573",
"description": "CWE-573 Improper Following of Specification by Caller",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T20:30:05.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"J-Web",
"Captive Portal",
"802.1X",
"Juniper Secure Connect (JSC)",
"Firewall Authentication"
],
"packageName": "AppWeb",
"platforms": [
"SRX Series",
"EX Series",
"MX240",
"MX480",
"MX960",
"QFX5120 Series"
],
"product": "Junos OS",
"programRoutines": [
{
"name": "Mbedthis AppWeb"
}
],
"repo": "https://www.embedthis.com/appweb",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.4R3-S9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S5",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S4",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S3",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R1-S1, 24.2R2",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following minimal configuration is necessary:\u003c/p\u003e\u003ccode\u003e\u0026nbsp; [ system services web-management ]\u003c/code\u003e"
}
],
"value": "The following minimal configuration is necessary:\n\n\u00a0 [ system services web-management ]"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Alexander Zielke with VegaSystems GmbH \u0026 Co. KG"
}
],
"datePublic": "2025-04-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003eJuniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;un\u003c/span\u003eauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive. \u003cbr\u003e\u003cbr\u003eContinuous receipt of these packets will create a sustained Denial of Service (DoS) condition.\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.4R3-S9,\u003c/li\u003e\u003cli\u003efrom 22.2 before 22.2R3-S5,\u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S4,\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2-S3,\u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2-S3,\u003c/li\u003e\u003cli\u003efrom 24.2 before 24.2R1-S1, 24.2R2.\u003c/li\u003e\u003c/ul\u003eAn indicator of compromise is to review the CPU % of the httpd process in the CLI:\u003cbr\u003ee.g.\u003cbr\u003e\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;show system processes extensive | match httpd\u003c/span\u003e\u003cp\u003e\u003cstrong\u003e\u0026nbsp; \u003c/strong\u003ePID nobody \u0026nbsp; \u0026nbsp; \u0026nbsp; 52 \u0026nbsp; 0 \u0026nbsp; 20M\u0026nbsp; \u0026nbsp; 191M select \u0026nbsp; 2 \u0026nbsp; 0:01 \u0026nbsp; 80.00% httpd{httpd} \u003cstrong\u003e\u0026lt;\u0026lt;\u0026lt;\u0026lt;\u0026lt; the percentage of httpd usage if high may be an indicator\u003c/strong\u003e\u003c/p\u003e"
}
],
"value": "An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of\u00a0Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an\u00a0unauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive. \n\nContinuous receipt of these packets will create a sustained Denial of Service (DoS) condition.\n\n\n\n\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.4R3-S9,\n * from 22.2 before 22.2R3-S5,\n * from 22.4 before 22.4R3-S4,\n * from 23.2 before 23.2R2-S3,\n * from 23.4 before 23.4R2-S3,\n * from 24.2 before 24.2R1-S1, 24.2R2.\n\n\nAn indicator of compromise is to review the CPU % of the httpd process in the CLI:\ne.g.\n\u00a0\u00a0show system processes extensive | match httpd\u00a0 PID nobody \u00a0 \u00a0 \u00a0 52 \u00a0 0 \u00a0 20M\u00a0 \u00a0 191M select \u00a0 2 \u00a0 0:01 \u00a0 80.00% httpd{httpd} \u003c\u003c\u003c\u003c\u003c the percentage of httpd usage if high may be an indicator"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "573 - Improper Following of Specification by Caller",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T19:51:36.325Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA96452"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS: 21.4R3-S9, 22.2R3-S5, 22.4R3-S4, 23.2R2-S3, 23.4R2-S3, 24.2R1-S1, 24.2R2, 24.4R1, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS: 21.4R3-S9, 22.2R3-S5, 22.4R3-S4, 23.2R2-S3, 23.4R2-S3, 24.2R1-S1, 24.2R2, 24.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA96452",
"defect": [
"1827265"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-09T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS: SRX and EX Series, MX240, MX480, MX960, QFX5120 Series: When web management is enabled for specific services an attacker may cause a CPU spike by sending genuine packets to the device",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue.\u003cbr\u003e\u003cbr\u003eTo reduce the risk of exploitation use authentication when using web management services.\u003cbr\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\nTo reduce the risk of exploitation use authentication when using web management services."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2025-21601",
"datePublished": "2025-04-09T19:51:36.325Z",
"dateReserved": "2024-12-26T14:47:11.670Z",
"dateUpdated": "2025-04-15T20:30:05.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-21590 (GCVE-0-2025-21590)
Vulnerability from nvd – Published: 2025-03-12 13:59 – Updated: 2025-10-21 22:55
VLAI?
Summary
An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.
A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.
This issue is not exploitable from the Junos CLI.
This issue affects Junos OS:
* All versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R1-S2, 24.2R2.
Severity ?
4.4 (Medium)
CWE
- CWE-653 - Improper Isolation or Compartmentalization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 21.2R3-S9
(semver)
Affected: 21.4 , < 21.4R3-S10 (semver) Affected: 22.2 , < 22.2R3-S6 (semver) Affected: 22.4 , < 22.4R3-S6 (semver) Affected: 23.2 , < 23.2R2-S3 (semver) Affected: 23.4 , < 23.4R2-S4 (semver) Affected: 24.2 , < 24.2R1-S2, 24.2R2 (semver) |
Credits
Juniper SIRT would like to acknowledge and thank Matteo Memelli from Amazon for responsibly reporting this issue. Note: Amazon found the issue during internal security research and not due to exploitation.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21590",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-14T03:55:21.999597Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:23.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21590"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-13T00:00:00+00:00",
"value": "CVE-2025-21590 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S10",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S6",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S6",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S4",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R1-S2, 24.2R2",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Juniper SIRT would like to acknowledge and thank Matteo Memelli from Amazon for responsibly reporting this issue. Note: Amazon found the issue during internal security research and not due to exploitation."
}
],
"datePublic": "2025-03-12T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.\u003cbr\u003e\u003cbr\u003eA local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.\u003cbr\u003eThis issue is not exploitable from the Junos CLI.\u003cbr\u003e\u003cp\u003eThis issue affects Junos OS:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.2R3-S9,\u003c/li\u003e\u003cli\u003e21.4 versions before 21.4R3-S10,\u0026nbsp;\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S6,\u0026nbsp;\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3-S6,\u0026nbsp;\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S3,\u0026nbsp;\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S4,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R1-S2, 24.2R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.\n\nA local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.\nThis issue is not exploitable from the Junos CLI.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\u00a0\n * 22.2 versions before 22.2R3-S6,\u00a0\n * 22.4 versions before 22.4R3-S6,\u00a0\n * 23.2 versions before 23.2R2-S3,\u00a0\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R1-S2, 24.2R2."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "At least one instance of malicious exploitation has been reported to the Juniper SIRT. Customers are encouraged to upgrade to a fixed release as soon as it\u0027s available and in the meantime take steps to mitigate this vulnerability."
}
],
"value": "At least one instance of malicious exploitation has been reported to the Juniper SIRT. Customers are encouraged to upgrade to a fixed release as soon as it\u0027s available and in the meantime take steps to mitigate this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-653",
"description": "CWE-653 Improper Isolation or Compartmentalization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T08:00:02.011Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA93446"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases.\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\u003cp\u003ePlease note that this issue is not fixed for all platforms in the releases specified in the solution section.\u003c/p\u003e\n\u003cp\u003eFor the following products the fix is only available in these releases:\u003c/p\u003e\n\u003cp\u003eSRX300 Series\u2003\u0026nbsp; 21.2R3-S9, 23.4R2-S5*, 24.4R1\u003c/p\u003e\n\u003cp\u003eSRX550HM\u2003\u2003\u2003 22.2R3-S7*\u003c/p\u003e\n\u003cp\u003eEX4300 Series \u0026nbsp; \u0026nbsp; 21.4R3-S11* (except EX4300-48MP which has fixes available as indicated in the solution)\u003c/p\u003e\n\u003cp\u003eEX4600 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 21.4R3-S11* (except EX4650 which has fixes available as indicated in the solution)\u003c/p\u003e\n\u003cp\u003eACX1000, ACX1100, ACX2100, ACX2200, ACX4000,\u003c/p\u003e\n\u003cp\u003eACX500 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;21.2R3-S9\u003c/p\u003e\n\u003cp\u003eMX104 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 21.2R3-S9\u003c/p\u003e\n\u003cp\u003e* Future Release\u0026nbsp;\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases.\n\n\n\u00a0\n\n\nPlease note that this issue is not fixed for all platforms in the releases specified in the solution section.\n\n\nFor the following products the fix is only available in these releases:\n\n\nSRX300 Series\u2003\u00a0 21.2R3-S9, 23.4R2-S5*, 24.4R1\n\n\nSRX550HM\u2003\u2003\u2003 22.2R3-S7*\n\n\nEX4300 Series \u00a0 \u00a0 21.4R3-S11* (except EX4300-48MP which has fixes available as indicated in the solution)\n\n\nEX4600 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 21.4R3-S11* (except EX4650 which has fixes available as indicated in the solution)\n\n\nACX1000, ACX1100, ACX2100, ACX2200, ACX4000,\n\n\nACX500 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a021.2R3-S9\n\n\nMX104 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 21.2R3-S9\n\n\n* Future Release"
}
],
"source": {
"advisory": "JSA93446",
"defect": [
"1838460",
"1872010"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2025-03-12T14:00:00.000Z",
"value": "Initial Publication"
},
{
"lang": "en",
"time": "2025-03-12T15:16:00.000Z",
"value": "Corrected hotlinks for CVSS assessments"
},
{
"lang": "en",
"time": "2025-03-14T14:00:00.000Z",
"value": "Rephrased sentences on Amazon involvement to reduce the chance for confusion"
},
{
"lang": "en",
"time": "2025-04-09T08:17:00.000Z",
"value": "Updated solution section to clarify which platforms are not fixed in all but only in specific releases"
},
{
"lang": "en",
"time": "2025-04-14T07:15:00.000Z",
"value": "For the products/platforms specifically mentioned in the solution section: Please note that Junos OS version 21.2R3-S9.20, which was made available last week, does not address the issue completely. We\u0027ll publish an updated version with the complete fix and update this advisory as soon as possible."
},
{
"lang": "en",
"time": "2025-05-06T08:00:00.000Z",
"value": "For the products/platforms specifically mentioned in the solution section: Please note that Junos OS version 21.2R3-S9.21 has been publish with the complete fix."
}
],
"title": "Junos OS: An local attacker with shell access can execute arbitrary code",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is strongly recommended to mitigate the risk of exploitation by restricting shell access to trusted users only.\n\n\u003cbr\u003e"
}
],
"value": "It is strongly recommended to mitigate the risk of exploitation by restricting shell access to trusted users only."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2025-21590",
"datePublished": "2025-03-12T13:59:43.038Z",
"dateReserved": "2024-12-26T14:47:11.667Z",
"dateUpdated": "2025-10-21T22:55:23.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39550 (GCVE-0-2024-39550)
Vulnerability from nvd – Published: 2024-07-11 16:29 – Updated: 2024-08-02 04:26
VLAI?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps) to cause a slow memory leak, ultimately leading to a Denial of Service (DoS).
Memory can only be recovered by manually restarting rtlogd process.
The memory usage can be monitored using the below command.
user@host> show system processes extensive | match rtlog
This issue affects Junos OS on MX Series with SPC3 line card:
* from 21.2R3 before 21.2R3-S8,
* from 21.4R2 before 21.4R3-S6,
* from 22.1 before 22.1R3-S5,
* from 22.2 before 22.2R3-S3,
* from 22.3 before 22.3R3-S2,
* from 22.4 before 22.4R3-S1,
* from 23.2 before 23.2R2,
* from 23.4 before 23.4R2.
Severity ?
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
21.2R3 , < 21.2R3-S8
(semver)
Affected: 21.4R2 , < 21.4R3-S6 (semver) Affected: 22.1 , < 22.1R3-S5 (semver) Affected: 22.2 , < 22.2R3-S3 (semver) Affected: 22.3 , < 22.3R3-S2 (semver) Affected: 22.4 , < 22.4R3-S1 (semver) Affected: 23.2 , < 23.2R2 (semver) Affected: 23.4 , < 23.4R2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T18:47:29.420589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T18:47:38.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA83012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MX Series with SPC3"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S8",
"status": "affected",
"version": "21.2R3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S6",
"status": "affected",
"version": "21.4R2",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S5",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S3",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S2",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S1",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNext Gen Services\u0026nbsp;\u003c/span\u003ecan be enabled by using this command:\u0026nbsp;\u003cbr\u003e\u003cbr\u003euser@host\u0026gt; request system enable unified-services\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAfter you enter \u003c/span\u003e\u003ccode\u003erequest system enable unified-services\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, reboot the chassis.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Next Gen Services\u00a0can be enabled by using this command:\u00a0\n\nuser@host\u003e request system enable unified-services\n\nAfter you enter request system enable unified-services, reboot the chassis."
}
],
"datePublic": "2024-07-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;of \u003c/span\u003eJuniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps)\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eto cause a slow memory leak, ultimately leading to a Denial of Service (DoS). \u003cbr\u003e\u003cbr\u003eMemory can only be recovered by manually restarting rtlogd process.\u0026nbsp;\u003cbr\u003e\u003cp\u003eThe memory usage can be monitored using the below command.\u003c/p\u003e\u003ccode\u003e\u2003\u2003\u2003\u2003user@host\u0026gt; show system processes extensive | match rtlog\u0026nbsp;\u003cbr\u003e\u003c/code\u003e\u003c/span\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS on MX Series with SPC3 line card:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003efrom 21.2R3 before 21.2R3-S8,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 21.4R2 before 21.4R3-S6,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.1 before 22.1R3-S5,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.2 before 22.2R3-S3,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S2,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S1,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process\u00a0of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps)\u00a0to cause a slow memory leak, ultimately leading to a Denial of Service (DoS). \n\nMemory can only be recovered by manually restarting rtlogd process.\u00a0\nThe memory usage can be monitored using the below command.\n\n\u2003\u2003\u2003\u2003user@host\u003e show system processes extensive | match rtlog\u00a0\n\n\n\nThis issue affects Junos OS on MX Series with SPC3 line card:\u00a0\n\n\n\n * from 21.2R3 before 21.2R3-S8,\u00a0\n * from 21.4R2 before 21.4R3-S6,\u00a0\n * from 22.1 before 22.1R3-S5,\u00a0\n * from 22.2 before 22.2R3-S3,\u00a0\n * from 22.3 before 22.3R3-S2,\u00a0\n * from 22.4 before 22.4R3-S1,\u00a0\n * from 23.2 before 23.2R2,\u00a0\n * from 23.4 before 23.4R2."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/R:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T16:29:03.646Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA83012"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:\u003cbr\u003e \u003cbr\u003eJunos OS: 21.2R3-S8, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3-S1, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue:\n \nJunos OS: 21.2R3-S8, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3-S1, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA83012",
"defect": [
"1779424"
],
"discovery": "USER"
},
"title": "Junos OS: MX Series with SPC3 line card: Port flaps causes rtlogd memory leak leading to Denial of Service",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2024-39550",
"datePublished": "2024-07-11T16:29:03.646Z",
"dateReserved": "2024-06-25T15:12:53.246Z",
"dateUpdated": "2024-08-02T04:26:15.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39549 (GCVE-0-2024-39549)
Vulnerability from nvd – Published: 2024-07-11 16:27 – Updated: 2025-02-26 18:16
VLAI?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).
Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).
Memory utilization could be monitored by:
user@host> show system memory or show system monitor memory status
This issue affects:
Junos OS: * All versions before 21.2R3-S8,
* from 21.4 before 21.4R3-S8,
* from 22.2 before 22.2R3-S4,
* from 22.3 before 22.3R3-S3,
* from 22.4 before 22.4R3-S3,
* from 23.2 before 23.2R2-S1,
* from 23.4 before 23.4R1-S2, 23.4R2.
Junos OS Evolved:
* All versions before 21.2R3-S8-EVO,
* from 21.4 before 21.4R3-S8-EVO,
* from 22.2 before 22.2R3-S4-EVO,
* from 22.3 before 22.3R3-S3-EVO,
* from 22.4 before 22.4R3-S3-EVO,
* from 23.2 before 23.2R2-S1-EVO,
* from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.
Severity ?
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 21.2R3-S8
(semver)
Affected: 21.4 , < 21.4R3-S8 (semver) Affected: 22.2 , < 22.2R3-S4 (semver) Affected: 22.3 , < 22.3R3-S3 (semver) Affected: 22.4 , < 22.4R3-S3 (semver) Affected: 23.2 , < 23.2R2-S1 (semver) Affected: 23.4 , < 23.4R1-S2, 23.4R2 (semver) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "junos_os",
"vendor": "juniper",
"versions": [
{
"lessThan": "21.2R3-S8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S3",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S1",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R1-S2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "23.4R2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R2",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "junos_os_evolved",
"vendor": "juniper",
"versions": [
{
"lessThan": "21.2R3-S8-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8-EVO",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4-EVO",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S3-EVO",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S3-EVO",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S1-EVO",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R1-S2-EVO",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "23.4R2-EVO",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R2-EVO",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39549",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T18:16:20.812180Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T18:16:27.497Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA83011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S3",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S1",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R1-S2, 23.4R2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S8-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8-EVO",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4-EVO",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S3-EVO",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S3-EVO",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S1-EVO",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R1-S2-EVO, 23.4R2-EVO",
"status": "affected",
"version": "23.4",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-07-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u0026nbsp;Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory utilization could be monitored by:\u0026nbsp;\u003cbr\u003euser@host\u0026gt; show system memory or show system monitor memory status\u003c/span\u003e\u003cbr\u003e\u003cbr\u003eThis issue affects:\u003cbr\u003e\u003cbr\u003eJunos OS:\u0026nbsp;\u003cul\u003e\u003cli\u003eAll versions before 21.2R3-S8,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 21.4 before 21.4R3-S8,\u003cbr\u003e\u003c/li\u003e\u003cli\u003efrom 22.2 before 22.2R3-S4,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S3,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S3,\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2-S1,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R1-S2, 23.4R2.\u003c/li\u003e\u003c/ul\u003eJunos OS Evolved:\u003cbr\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.2R3-S8-EVO, \u003c/li\u003e\u003cli\u003efrom 21.4 before 21.4R3-S8-EVO,\u003c/li\u003e\u003cli\u003efrom 22.2 before 22.2R3-S4-EVO, \u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S3-EVO, \u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S3-EVO,\u003cbr\u003e\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2-S1-EVO, \u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).\n\nConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).\n\nMemory utilization could be monitored by:\u00a0\nuser@host\u003e show system memory or show system monitor memory status\n\nThis issue affects:\n\nJunos OS:\u00a0 * All versions before 21.2R3-S8,\u00a0\n * from 21.4 before 21.4R3-S8,\n\n * from 22.2 before 22.2R3-S4,\u00a0\n * from 22.3 before 22.3R3-S3,\u00a0\n * from 22.4 before 22.4R3-S3,\n * from 23.2 before 23.2R2-S1,\u00a0\n * from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\n * All versions before 21.2R3-S8-EVO, \n * from 21.4 before 21.4R3-S8-EVO,\n * from 22.2 before 22.2R3-S4-EVO, \n * from 22.3 before 22.3R3-S3-EVO, \n * from 22.4 before 22.4R3-S3-EVO,\n\n * from 23.2 before 23.2R2-S1-EVO, \n * from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401: Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T21:09:45.677Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA83011"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:\u003cbr\u003e \u003cbr\u003eJunos OS: 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e22.4R3-S3,\u0026nbsp;\u003c/span\u003e23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.\u003cbr\u003e\u003cbr\u003e\nJunos OS Evolved:\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e21.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e22.3R3-S3-EVO,\u0026nbsp;\u003c/span\u003e22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and all subsequent releases.\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue:\n \nJunos OS: 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, 22.4R3-S3,\u00a023.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.\n\n\nJunos OS Evolved:\u00a021.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO,\u00a022.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and all subsequent releases."
}
],
"source": {
"advisory": "JSA83011",
"defect": [
"1778879"
],
"discovery": "INTERNAL"
},
"title": "Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2024-39549",
"datePublished": "2024-07-11T16:27:19.238Z",
"dateReserved": "2024-06-25T15:12:53.246Z",
"dateUpdated": "2025-02-26T18:16:27.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-200202-0006
Vulnerability from variot - Updated: 2024-07-23 22:34Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code ・ If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. It was previously known as UCD-SNMP. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. HP has confirmed that large traps will cause OpenView Network Node Manager to crash. This may be due to an exploitable buffer overflow condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200202-0006",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adventnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "american power conversion",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "aprisma",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bea",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bmc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cnt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "comtek services",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cscare",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cacheflow",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "carrier access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "compaq computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "concord",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dart",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "entrada",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "equinox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fluke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "general datacomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hirschmann",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "iplanet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "itouch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "infovista",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "inktomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "innerdive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "karlnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lantronix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "larscom incorporated",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mg soft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "marconi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mercury interactive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "metrobility optical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "micromuse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "monfox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "multinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net snmp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network harmoni",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nbase xyplex",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscout",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netsilicon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscape",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwave",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "optical access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "perle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "powerware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "radware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "snmp research",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sniffer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonicwall",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "symantec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "the sco group sco unix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "tivoli",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "toshiba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "unisphere",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vertical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vina",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "world wide packets",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "xerox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "e security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net com",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "snmp",
"version": "*"
},
{
"model": "windows 98se",
"scope": null,
"trust": 0.9,
"vendor": "microsoft",
"version": null
},
{
"model": "windows",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "2000"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nudesign team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "outback resource group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "veritas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bintec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "interniche",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ncipher corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98 scd"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "me"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (server)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (terminal_srv)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (workstation)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "0"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.0"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.6,
"vendor": "net snmp",
"version": "4.2.1"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.6,
"vendor": "net snmp",
"version": "4.1.1"
},
{
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.6,
"vendor": "net snmp",
"version": "4.2.2"
},
{
"model": "snmp",
"scope": null,
"trust": 0.6,
"vendor": "snmp",
"version": null
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.1.2"
},
{
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.3"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.5"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.4"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.3"
},
{
"model": "research mid-level manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research enterpol",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research dr-web manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "brocade",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6.0"
},
{
"model": "networks aos",
"scope": null,
"trust": 0.3,
"vendor": "redback",
"version": null
},
{
"model": "realplayer intranet",
"scope": "eq",
"trust": 0.3,
"vendor": "realnetworks",
"version": "5.0"
},
{
"model": "software tcpware",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "5.5"
},
{
"model": "software multinet",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "4.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.11"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.2"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows terminal services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "domino snmp agents solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1x86"
},
{
"model": "domino snmp agents solaris sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "domino snmp agents hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "lrs",
"scope": null,
"trust": 0.3,
"vendor": "lantronix",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "solutions router ip console",
"scope": "eq",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.406"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "procurve switch 8000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl-bundle",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2525"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2524"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2512"
},
{
"model": "procurve switch 2424m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 2400m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 1600m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ov/sam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.10"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.22000"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.211.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.210.x"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.111.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.110.x"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.02000"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.011.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.010.20"
},
{
"model": "openview network node manager windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0.23.51/4.0"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview extensible snmp agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "openview emanate snmp agent solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.22.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.211.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.210.20"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.03"
},
{
"model": "mc/serviceguard",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.20.00"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.00"
},
{
"model": "ito/vpo/ovo unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "ems a.03.20",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "services nmserver",
"scope": "eq",
"trust": 0.3,
"vendor": "comtek",
"version": "3.4"
},
{
"model": "associates unicenter",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7"
},
{
"model": "openunix",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "8.0"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.6"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.5"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1"
},
{
"model": "web nms msp edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "web nms",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp utilities",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "mediation server",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "management builder",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "fault management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "configuration management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "cli api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit java/jmx edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit c edition",
"scope": "eq",
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3000"
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1000"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4900"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4400"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3300"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1100"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "50"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "40"
},
{
"model": "dual speed hub",
"scope": null,
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "brocade .0d",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6"
},
{
"model": "solutions router ip console",
"scope": "ne",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.407"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.21.00"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:snmp:snmp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by the Oulu University Secure Programming Group.",
"sources": [
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
}
],
"trust": 0.9
},
"cve": "CVE-2002-0012",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2002-0012",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0012",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#107186",
"trust": 0.8,
"value": "69.26"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#854306",
"trust": 0.8,
"value": "42.64"
},
{
"author": "CNNVD",
"id": "CNNVD-200202-007",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code \u30fb If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. It was previously known as UCD-SNMP. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. \nMultiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. \nAmong the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. \nHP has confirmed that large traps will cause OpenView Network Node Manager to crash. This may be due to an exploitable buffer overflow condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0012"
},
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
}
],
"trust": 4.68
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0012",
"trust": 3.9
},
{
"db": "CERT/CC",
"id": "VU#107186",
"trust": 3.2
},
{
"db": "BID",
"id": "4088",
"trust": 2.2
},
{
"db": "BID",
"id": "4732",
"trust": 1.9
},
{
"db": "BID",
"id": "4089",
"trust": 1.9
},
{
"db": "BID",
"id": "4132",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#854306",
"trust": 1.4
},
{
"db": "BID",
"id": "5043",
"trust": 1.3
},
{
"db": "XF",
"id": "8177",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007",
"trust": 0.6
},
{
"db": "BID",
"id": "89608",
"trust": 0.3
},
{
"db": "BID",
"id": "89661",
"trust": 0.3
},
{
"db": "BID",
"id": "4203",
"trust": 0.3
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"id": "VAR-200202-0006",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.489583335
},
"last_update_date": "2024-07-23T22:34:48.127000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00184",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00964944"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2001-163.html"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3"
},
{
"title": "IBM Information for VU#107186",
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/iafy-55krcv"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2001-163j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.cert.org/advisories/ca-2002-03.html"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/107186"
},
{
"trust": 1.6,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/"
},
{
"trust": 1.6,
"url": "http://www.cert.org/tech_tips/denial_of_service.html"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc3000.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1212.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1213.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1215.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1270.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2570.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2571.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2572.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2573.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2574.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2575.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2576.txt"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4088"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4132"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4732"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4089"
},
{
"trust": 1.6,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html"
},
{
"trust": 1.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20020201-01-a"
},
{
"trust": 1.0,
"url": "http://www.iss.net/security_center/alerts/advise110.php"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/advisories/4211"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/5043"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1048"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a144"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a161"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a298"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/m-042.shtml"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20020213snmp.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020701.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020901.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2002/at020001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-03"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0012"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/8177"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013"
},
{
"trust": 0.6,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.6,
"url": "http://www.kb.cert.org/vuls/id/854306"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/bid/4088"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/bid/4089"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/news/474"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-01-16T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2002-02-12T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2002-06-18T00:00:00",
"db": "BID",
"id": "5043"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2002-02-27T00:00:00",
"db": "BID",
"id": "4203"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4088"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"date": "2002-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"date": "2002-02-13T05:00:00",
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2009-07-11T13:56:00",
"db": "BID",
"id": "5043"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4203"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4088"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"date": "2018-10-12T21:30:46.750000",
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
}
],
"trust": 1.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SNMPv1 trap handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
}
],
"trust": 0.6
}
}
VAR-201405-0244
Vulnerability from variot - Updated: 2024-07-23 22:12The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions.
The oldstable distribution (squeeze) is not affected.
For the stable distribution (wheezy), this problem has been fixed in version 1.0.1e-2+deb7u9.
For the testing distribution (jessie), this problem has been fixed in version 1.0.1g-4.
For the unstable distribution (sid), this problem has been fixed in version 1.0.1g-4.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://advisories.mageia.org/MGASA-2014-0204.html
Updated Packages:
Mandriva Business Server 1/X86_64: 0960978623ce1a63b660860f11a273cd mbs1/x86_64/lib64openssl1.0.0-1.0.0k-1.3.mbs1.x86_64.rpm a1f2e8359b1823df2bbf4cef25ed0fa5 mbs1/x86_64/lib64openssl-devel-1.0.0k-1.3.mbs1.x86_64.rpm 9caf8ee1e9151cd22cc8bbbcec6ddc64 mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0k-1.3.mbs1.x86_64.rpm e7e8655dcdfcf3499b5d3280a7023beb mbs1/x86_64/lib64openssl-static-devel-1.0.0k-1.3.mbs1.x86_64.rpm 34ef39c4e07e20ed081ff466b744e6b1 mbs1/x86_64/openssl-1.0.0k-1.3.mbs1.x86_64.rpm 4c4315e35972686c692a095851d42cd4 mbs1/SRPMS/openssl-1.0.0k-1.3.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security.
HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. This bulletin provides the information needed to update the HP Insight Control server deployment solution. HP has provided manual update steps if a version upgrade is not possible; if users wish to remain at v7.1.2, v7.2.0, or v7.2.1.
Note: It is important to check your current running version of HP Insight Control server deployment and to follow the correct steps listed below. For HP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and follow the steps below to remove the vulnerability. That Security Bulletin with instructions on how to upgrade to v7.3.1 can be found here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n a-c04267749
HP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should take the following steps to remove this vulnerability.
Delete the files smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, rows 1 and 2. Delete the files "vcax86-.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba smhamd64-ccp023716.exe \express\hpfeatures\hpagents-ws\components\Win2008
2 http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 smhx86-cp023715.exe \express\hpfeatures\hpagents-ws\components\Win2008
3 http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13 vcax86-cp023742.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2 vcaamd64-cp023743.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Download and extract the HPSUM 5.3.6 component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793
Copy all content from extracted ZIP folder and paste into \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 on targets running Windows.
HP Insight Control server deployment users with v7.2.2:
Please upgrade to Insight Control server deployment v7.3.1 and follow the steps below for v7.3.1.
HP Insight Control server deployment users with v7.3.1:
Perform steps 1 - 4 as outlined above for users with HP Insight Control server deployment v7.1.2, v7.2.0, and v7.2.1. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201407-05
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: July 27, 2014 Bugs: #512506 ID: 201407-05
Synopsis
Multiple vulnerabilities have been found in OpenSSL, possibly allowing remote attackers to execute arbitrary code.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1h-r1"
References
[ 1 ] CVE-2010-5298 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298 [ 2 ] CVE-2014-0195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195 [ 3 ] CVE-2014-0198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198 [ 4 ] CVE-2014-0221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221 [ 5 ] CVE-2014-0224 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224 [ 6 ] CVE-2014-3470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470 [ 7 ] OpenSSL Security Advisory [05 Jun 2014] http://www.openssl.org/news/secadv_20140605.txt
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201407-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . These vulnerabilities include:
-
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.
-
HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2010-5298
4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
CVE-2014-0076
4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVE-2014-0195
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-0198
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0221
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0224
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-3470
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-3566
3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0705
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE recommends applying the following software updates to resolve the vulnerabilities in the impacted versions of HPE StoreVirtual products running HPE LeftHand OS.
LeftHand OS v11.5 - Patches 45019-00 and 45020 LeftHand OS v12.0 - Patches 50016-00 and 50017-00 LeftHand OS v12.5 - Patch 55016-00 LeftHand OS v12.6 - Patch 56002-00
Notes:
These patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision to OpenSSL v1.0.1e 48. These patches migrate Certificate Authority Hashing Algorithm from a weak hashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary
VMware product updates address OpenSSL security vulnerabilities.
- Relevant Releases
ESXi 5.5 prior to ESXi550-201406401-SG
-
OpenSSL libraries have been updated in multiple products to versions 0.9.8za and 1.0.1h in order to resolve multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to these issues. The most important of these issues is CVE-2014-0224.
CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to be of moderate severity. Exploitation is highly unlikely or is mitigated due to the application configuration.
CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL Security Advisory (see Reference section below), do not affect any VMware products. For readability the affected products have been split into 3 tables below, based on the different client-server configurations and deployment scenarios. Applying these patches to affected servers will mitigate the affected clients (See Table 1 below). can be mitigated by using a secure network such as VPN (see Table 2 below).
Clients and servers that are deployed on an isolated network are less exposed to CVE-2014-0224 (see Table 3 below). The affected products are typically deployed to communicate over the management network.
RECOMMENDATIONS
VMware recommends customers evaluate and deploy patches for affected Servers in Table 1 below as these patches become available. Patching these servers will remove the ability to exploit the vulnerability described in CVE-2014-0224 on both clients and servers. VMware recommends customers consider applying patches to products listed in Table 2 & 3 as required.
Column 4 of the following tables lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product Running Replace with/ Product Version on Apply Patch ============== ======= ======= ============= ESXi 5.5 ESXi ESXi550- 201406401-SG
Big Data Extensions 1.1 patch pending Charge Back Manager 2.6 patch pending
Horizon Workspace Server GATEWAY 1.8.1 patch pending Horizon Workspace Server GATEWAY 1.5 patch pending
Horizon Workspace Server DATA 1.8.1 patch pending
Horizon Mirage Edge Gateway 4.4.2 patch pending Horizon View 5.3.1 patch pending
Horizon View Feature Pack 5.3 SP2 patch pending
NSX for Multi-Hypervisor 4.1.2 patch pending NSX for Multi-Hypervisor 4.0.3 patch pending NSX for vSphere 6.0.4 patch pending NVP 3.2.2 patch pending vCAC 6.0.1 patch pending
vCloud Networking and Security 5.5.2 patch pending vCloud Networking and Security 5.1.2 patch pending
vFabric Web Server 5.3.4 patch pending
vCHS - DPS-Data Protection 2.0 patch pending Service
Table 2 ======== Affected clients running a vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating over an untrusted network.
VMware Product Running Replace with/ Product Version on Apply Patch ============== ======= ======= ============= vCSA 5.5 patch pending vCSA 5.1 patch pending vCSA 5.0 patch pending
ESXi 5.1 ESXi patch pending ESXi 5.0 ESXi patch pending
Workstation 10.0.2 any patch pending Workstation 9.0.3 any patch pending Fusion 6.x OSX patch pending Fusion 5.x OSX patch pending Player 10.0.2 any patch pending Player 9.0.3 any patch pending
Chargeback Manager 2.5.x patch pending
Horizon Workspace Client for 1.8.1 OSX patch pending Mac Horizon Workspace Client for 1.5 OSX patch pending Mac Horizon Workspace Client for 1.8.1 Windows patch pending Windows
Horizon Workspace Client for 1.5 Windows patch pendingOVF Tool 3.5.1 patch pending OVF Tool 3.0.1 patch pending
vCenter Operations Manager 5.8.1 patch pending
vCenter Support Assistant 5.5.0 patch pending vCenter Support Assistant 5.5.1 patch pending
vCD 5.1.2 patch pending
vCD 5.1.3 patch pending vCD 5.5.1.1 patch pending vCenter Site Recovery Manager 5.0.3.1 patch pendingTable 3 ======= The following table lists all affected clients running a vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating over an untrusted network.
VMware Product Running Replace with/ Product Version on Apply Patch ============== ======= ======= ============= vCenter Server 5.5 any patch pending vCenter Server 5.1 any patch pending vCenter Server 5.0 any patch pending
Update Manager 5.5 Windows patch pending Update Manager 5.1 Windows patch pending Update Manager 5.0 Windows patch pending
Config Manager (VCM) 5.6 patch pending
Horizon View Client 5.3.1 patch pending Horizon View Client 4.x patch pending Horizon Workspace 1.8.1 patch pending Horizon Workspace 1.5 patch pending
ITBM Standard 1.0.1 patch pending ITBM Standard 1.0 patch pending
Studio 2.6.0.0 patch pending
Usage Meter 3.3 patch pending vCenter Chargeback Manager 2.6 patch pending vCenter Converter Standalone 5.5 patch pending vCenter Converter Standalone 5.1 patch pending vCD (VCHS) 5.6.2 patch pending
vCenter Site Recovery Manager 5.5.1 patch pending vCenter Site Recovery Manager 5.1.1 patch pending
vFabric Application Director 5.2.0 patch pending vFabric Application Director 5.0.0 patch pending View Client 5.3.1 patch pending View Client 4.x patch pending VIX API 5.5 patch pending VIX API 1.12 patch pending
vMA (Management Assistant) 5.1.0.1 patch pending
VMware Data Recovery 2.0.3 patch pending
VMware vSphere CLI 5.5 patch pending
vSphere Replication 5.5.1 patch pending vSphere Replication 5.6 patch pending vSphere SDK for Perl 5.5 patch pending vSphere Storage Appliance 5.5.1 patch pending vSphere Storage Appliance 5.1.3 patch pending vSphere Support Assistant 5.5.1 patch pending vSphere Support Assistant 5.5.0 patch pending vSphere Virtual Disk 5.5 patch pending Development Kit
vSphere Virtual Disk 5.1 patch pending Development Kit vSphere Virtual Disk 5.0 patch pending Development Kit -
Solution
ESXi 5.5
Download: https://www.vmware.com/patchmgr/download.portal
Release Notes and Remediation Instructions: http://kb.vmware.com/kb/2077359
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
https://www.openssl.org/news/secadv_20140605.txt
- Change Log
2014-06-10 VMSA-2014-0006 Initial security advisory in conjunction with the release of ESXi 5.5 updates on 2014-06-10
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04347622
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04347622 Version: 2
HPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-06-20 Last Updated: 2014-11-20
Potential Security Impact: Remote Denial of Service (DoS), code execution, unauthorized access, modification of information, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Network Products running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information.
References:
CVE-2010-5298 (SSRT101561) Remote Denial of Service (DoS) or Modification of Information CVE-2014-0198 (SSRT101561) Remote Unauthorized Access CVE-2014-0224 (SSRT101593) Remote Unauthorized Access or Disclosure of Information
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION section below for a list of impacted products.
NOTE:
All products listed are impacted by CVE-2014-0224. This is the vulnerability known as "Heartbleed". HP Intelligent Management Center (iMC) is also impacted by CVE-2014-0198 and CVE-2010-5298.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION On June 5th 2014, OpenSSL.org issued an advisory with several CVE vulnerabilities. HP Networking is working to release fixes for these vulnerabilities that impact the products in the table below. As fixed software is made available, this security bulletin will be updated to show the fixed versions. Until the software fixes are available, HP Networking is providing the following information including possible workarounds to mitigate the risks of these vulnerabilities.
Workarounds
HP Networking equipment is typically deployed inside firewalls and access
to management interfaces and other protocols is more tightly controlled than in public environments.
Following the guidelines in the Hardening Comware-based devices can help
to further reduce man-in-the-middle opportunities:
http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=
c03536920
For an HP Networking device acting as an OpenSSL Server, using a patched
OpenSSL client or non-OpenSSL client eliminates the risk.
Protocol Notes
The following details the protocols that use OpenSSL in Comware v5 and
Comware v7:
- Comware V7:
Server:
FIPS/HTTPS/Load Balancing/Session Initiation Protocol
Client:
Load Balancing/OpenFlow/Session Initiation Protocol/State Machine
Based Anti-Spoofing/Dynamic DNS
- Comware V5:
Server:
CAPWAP/EAP/SSLVPN
Client:
Dynamic DNS
Family Fixed Version HP Branded Products Impacted H3C Branded Products Impacted 3Com Branded Products Impacted
12900 Switch Series 12900_7.10.R1109 12900_7.10.R1005P07 JG619A HP FF 12910 Switch AC Chassis JG621A HP FF 12910 Main Processing Unit JG632A HP FF 12916 Switch AC Chassis JG634A HP FF 12916 Main Processing Unit
12500.0 12500_5.20.R1828P04 12500_5.20.R1828P04-US JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JC808A HP 12500 TAA Main Processing Unit H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
12500 (Comware v7) 12500_7.10.R7328P03 JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JG497A HP 12500 MPU w/Comware V7 OS JG782A HP FF 12508E AC Switch Chassis JG783A HP FF 12508E DC Switch Chassis JG784A HP FF 12518E AC Switch Chassis JG785A HP FF 12518E DC Switch Chassis JG802A HP FF 12500E MPU H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
11900 Switch Series 11900_7.10.R2111P04 JG608A HP FF 11908-V Switch Chassis JG609A HP FF 11900 Main Processing Unit
10500 Switch Series (Comware v5) 10500_5.20.R1208P09 10500_5.20.R1208P09-US JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC614A HP 10500 Main Processing Unit JC748A HP 10512 Switch Chassis JG375A HP 10500 TAA Main Processing Unit JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis
10500 Switch Series (Comware v7) 10500_7.10.R2111P04 JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC748A HP 10512 Switch Chassis JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis JG496A HP 10500 Type A MPU w/Comware v7 OS
9500E S9500E_5.20.R1828P04 JC124A HP A9508 Switch Chassis JC124B HP 9505 Switch Chassis JC125A HP A9512 Switch Chassis JC125B HP 9512 Switch Chassis JC474A HP A9508-V Switch Chassis JC474B HP 9508-V Switch Chassis H3C S9505E Routing-Switch Chassis (0235A0G6) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9512E Routing-Switch Chassis (0235A0G7) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9505E Chassis w/ Fans (0235A38P) H3C S9512E Chassis w/ Fans (0235A38R)
7900.0 7900_7.10.R2118 JG682A HP FlexFabric 7904 Switch Chassis
7500 Switch Series 7500_5.20.R6708P09 7500_5.20.R6708P09-US JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T JC697A HP A7502 TAA Main Processing Unit JC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE JC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE JC700A HP A7500 384 Gbps TAA Fabric / MPU JC701A HP A7510 768 Gbps TAA Fabric / MPU JD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports JD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports JD194A HP 384 Gbps Fabric A7500 Module JD194B HP 7500 384Gbps Fabric Module JD195A HP 7500 384Gbps Advanced Fabric Module JD196A HP 7502 Fabric Module JD220A HP 7500 768Gbps Fabric Module JD238A HP A7510 Switch Chassis JD238B HP 7510 Switch Chassis JD239A HP A7506 Switch Chassis JD239B HP 7506 Switch Chassis JD240A HP A7503 Switch Chassis JD240B HP 7503 Switch Chassis JD241A HP A7506 Vertical Switch Chassis JD241B HP 7506-V Switch Chassis JD242A HP A7502 Switch Chassis JD242B HP 7502 Switch Chassis JD243A HP A7503 Switch Chassis w/1 Fabric Slot JD243B HP 7503-S Switch Chassis w/1 Fabric Slot H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4) H3C S7503E Ethernet Switch Chassis with Fan (0235A0G2) H3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5) H3C S7506E Ethernet Switch Chassis with Fan (0235A0G1) H3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3) H3C S7510E Ethernet Switch Chassis with Fan (0235A0G0) H3C S7502E Chassis w/ fans (0235A29A) H3C S7503E Chassis w/ fans (0235A27R) H3C S7503E-S Chassis w/ fans (0235A33R) H3C S7506E Chassis w/ fans (0235A27Q) H3C S7506E-V Chassis w/ fans (0235A27S)
HSR6800 HSR6800_5.20.R3303P10 HSR6800_5.20.R3303P10-US JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6800 Russian Version HSR6800_5.20.R3303P10.RU JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6602 HSR6602_5.20.R3303P10 HSR6602_5.20.R3303P10-US JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
HSR6602 Russian Version HSR6602_5.20.R3303P10.RU JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
6602.0 6602_5.20.R3303P10 6602_5.20.R3303P10-US JC176A HP 6602 Router Chassis H3C SR6602 1U Router Host (0235A27D)
6602 Russian Version 6602_5.20.R3303P10.RU JC176A HP 6602 Router Chassis H3C SR6602 1U Router Host (0235A27D)
A6600 6600.RPE_5.20.R3303P10 6600.RSE_5.20.R3303P10 6600.RPE_5.20.R3303P10-US 6600.RSE_5.20.R3303P10-US JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
A6600 Russian Version 6600.RPE_5.20.R3303P10.RU 6600.RSE_5.20.R3303P10.RU JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP HSR6602_5.20.R3303P10 HSR6602_5.20.R3303P10-US JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP Russian Version HSR6602_5.20.R3303P10.RU JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
5920 Switch Series 5900AF-5920AF_7.10.R2311P01 5900AF-5920AF_7.10.R2311P01-US JG296A HP 5920AF-24XG Switch JG555A HP 5920AF-24XG TAA Switch
5900 Switch Series 5900AF-5920AF_7.10.R2311P01 5900AF-5920AF_7.10.R2311P01-US JC772A HP 5900AF-48XG-4QSFP+ Switch JG336A HP 5900AF-48XGT-4QSFP+ Switch JG510A HP 5900AF-48G-4XG-2QSFP+ Switch JG554A HP 5900AF-48XG-4QSFP+ TAA Switch JG838A HP FF 5900CP-48XG-4QSFP+ Switch
5830 Switch Series 5830_5.20.R1118P09 5830_5.20.R1118P09-US JC691A HP A5830AF-48G Switch w/1 Interface Slot JC694A HP A5830AF-96G Switch JG316A HP 5830AF-48G TAA Switch w/1 Intf Slot JG374A HP 5830AF-96G TAA Switch
5820 Switch Series 5800-5820X_5.20.R1808P25 5800-5820X_5.20.R1808P27-US JC102A HP 5820-24XG-SFP+ Switch JC106A HP 5820-14XG-SFP+ Switch with 2 Slots JG219A HP 5820AF-24XG Switch JG243A HP 5820-24XG-SFP+ TAA-compliant Switch JG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media modules Plus OSM (0235A37L) H3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T (RJ45) (0235A370)
5800 Switch Series 5800-5820X_5.20.R1808P25 5800-5820X_5.20.R1808P27-US JC099A HP 5800-24G-PoE Switch JC100A HP 5800-24G Switch JC101A HP 5800-48G Switch with 2 Slots JC103A HP 5800-24G-SFP Switch JC104A HP 5800-48G-PoE Switch JC105A HP 5800-48G Switch JG225A HP 5800AF-48G Switch JG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots JG254A HP 5800-24G-PoE+ TAA-compliant Switch JG255A HP 5800-24G TAA-compliant Switch JG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt JG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot JG258A HP 5800-48G TAA Switch w 1 Intf Slot H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot (0235A36U) H3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X (SFP Plus ) Plus 1 media module PoE (0235A36S) H3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus media module (no power) (0235A374) H3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus ) Plus media module (0235A379) H3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module (0235A378) H3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM (0235A36W)
5500 HI Switch Series 5500.HI_5.20.R5501P02 5500.HI_5.20.R5501P02-US JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch JG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch JG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt JG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt JG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt JG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt JG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt JG681A HP 5500-24G-SFP HI TAA Swch w/2Slt
5500 EI Switch Series 5500.EI-4800G_5.20.R2221P05 5500.EI-4800G_5.20.R2221P04-US JD373A HP 5500-24G DC EI Switch JD374A HP 5500-24G-SFP EI Switch JD375A HP 5500-48G EI Switch JD376A HP 5500-48G-PoE EI Switch JD377A HP 5500-24G EI Switch JD378A HP 5500-24G-PoE EI Switch JD379A HP 5500-24G-SFP DC EI Switch JG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts JG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts JG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts JG250A HP 5500-24G EI TAA Switch w 2 Intf Slts JG251A HP 5500-48G EI TAA Switch w 2 Intf Slts JG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts JG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts H3C S5500-28C-EI Ethernet Switch (0235A253) H3C S5500-28F-EI Eth Switch AC Single (0235A24U) H3C S5500-52C-EI Ethernet Switch (0235A24X) H3C S5500-28C-EI-DC Ethernet Switch (0235A24S) H3C S5500-28C-PWR-EI Ethernet Switch (0235A255) H3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259) H3C S5500-52C-PWR-EI Ethernet Switch (0235A251)
5500 SI Switch Series 5500.SI_5.20.R2221P04 JD369A HP 5500-24G SI Switch JD370A HP 5500-48G SI Switch JD371A HP 5500-24G-PoE SI Switch JD372A HP 5500-48G-PoE SI Switch JG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts JG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts H3C S5500-28C-SI Ethernet Switch (0235A04U) H3C S5500-52C-SI Ethernet Switch (0235A04V) H3C S5500-28C-PWR-SI Ethernet Switch (0235A05H) H3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)
5120 EI Switch Series 5120.EI-4210G-4510G_5.20.R2221P04 5120.EI-4210G-4510G_5.20.R2221P04-US JE066A HP 5120-24G EI Switch JE067A HP 5120-48G EI Switch JE068A HP 5120-24G EI Switch with 2 Slots JE069A HP 5120-48G EI Switch with 2 Slots JE070A HP 5120-24G-PoE EI Switch with 2 Slots JE071A HP 5120-48G-PoE EI Switch with 2 Slots JG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts JG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts JG245A HP 5120-24G EI TAA Switch w 2 Intf Slts JG246A HP 5120-48G EI TAA Switch w 2 Intf Slts JG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts JG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ) H3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS) H3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR) H3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT) H3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU) H3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)
5120 SI switch Series 5120.SI_5.20.R1513P86 JE072A HP 5120-48G SI Switch JE073A HP 5120-16G SI Switch JE074A HP 5120-24G SI Switch JG091A HP 5120-24G-PoE+ (370W) SI Switch JG092A HP 5120-24G-PoE+ (170W) SI Switch H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W) H3C S5120-20P-SI L2 16GE Plus 4SFP (0235A42B) H3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D) H3C S5120-28P-HPWR-SI (0235A0E5) H3C S5120-28P-PWR-SI (0235A0E3)
4800 G Switch Series 5500.EI-4800G_5.20.R2221P05 5500.EI-4800G_5.20.R2221P04-US JD007A HP 4800-24G Switch JD008A HP 4800-24G-PoE Switch JD009A HP 4800-24G-SFP Switch JD010A HP 4800-48G Switch JD011A HP 4800-48G-PoE Switch
3Com Switch 4800G 24-Port (3CRS48G-24-91) 3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91) 3Com Switch 4800G 48-Port (3CRS48G-48-91) 3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91) 3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)
4510G Switch Series 5500.EI-4800G_5.20.R2221P05 5500.EI-4800G_5.20.R2221P04-US JF428A HP 4510-48G Switch JF847A HP 4510-24G Switch
3Com Switch 4510G 48 Port (3CRS45G-48-91) 3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91) 3Com Switch E4510-24G (3CRS45G-24-91)
4210G Switch Series 5120.EI-4210G-4510G_5.20.R2221P04 5120.EI-4210G-4510G_5.20.R2221P04-US JF844A HP 4210-24G Switch JF845A HP 4210-48G Switch JF846A HP 4210-24G-PoE Switch
3Com Switch 4210-24G (3CRS42G-24-91) 3Com Switch 4210-48G (3CRS42G-48-91) 3Com Switch E4210-24G-PoE (3CRS42G-24P-91)
3610 Switch Series S3610-5510_5.20.R5319P08 JD335A HP 3610-48 Switch JD336A HP 3610-24-4G-SFP Switch JD337A HP 3610-24-2G-2G-SFP Switch JD338A HP 3610-24-SFP Switch H3C S3610-52P - model LS-3610-52P-OVS (0235A22C) H3C S3610-28P - model LS-3610-28P-OVS (0235A22D) H3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E) H3C S3610-28F - model LS-3610-28F-OVS (0235A22F)
3600 V2 Switch Series 3600V2_5.20.R2109P05 JG299A HP 3600-24 v2 EI Switch JG300A HP 3600-48 v2 EI Switch JG301A HP 3600-24-PoE+ v2 EI Switch JG301B HP 3600-24-PoE+ v2 EI Switch JG302A HP 3600-48-PoE+ v2 EI Switch JG302B HP 3600-48-PoE+ v2 EI Switch JG303A HP 3600-24-SFP v2 EI Switch JG304A HP 3600-24 v2 SI Switch JG305A HP 3600-48 v2 SI Switch JG306A HP 3600-24-PoE+ v2 SI Switch JG306B HP 3600-24-PoE+ v2 SI Switch JG307A HP 3600-48-PoE+ v2 SI Switch JG307B HP 3600-48-PoE+ v2 SI Switch
3100V2 3100V2_5.20.R5203P07 JD313B HP 3100-24-PoE v2 EI Switch JD318B HP 3100-8 v2 EI Switch JD319B HP 3100-16 v2 EI Switch JD320B HP 3100-24 v2 EI Switch JG221A HP 3100-8 v2 SI Switch JG222A HP 3100-16 v2 SI Switch JG223A HP 3100-24 v2 SI Switch
3100V2-48 3100V2.48_5.20.R2109P05 JG315A HP 3100-48 v2 Switch
1920.0 1920-48G-JG927A_5.20.R1104 1920-8G-PoE-65W-JG921A_5.20.R1104 1920-8G-JG920A_5.20.R1104 1920-24G-PoE-370W-JG926A_5.20.R1104 1920-24G-PoE-180W-JG925A_5.20.R1104 1920-24G-JG924A_5.20.R1104 1920-16G-JG923A_5.20.R1104 1920-8G-PoE-180W-JG922A_5.20.R1104 JG927A HP 1920-48G Switch JG921A HP 1920-8G-PoE+ (65W) Switch JG920A HP 1920-8G Switch JG926A HP 1920-24G-PoE+ (370W) Switch JG925A HP 1920-24G-PoE+ (180W) Switch JG924A HP 1920-24G Switch JG923A HP 1920-16G Switch JG922A HP 1920-8G-PoE+ (180W) Switch
1910.0 1910-8-POE-JG537_5.20.R1106 1910-48-JG540_5.20.R1106 1910-24-JG538_5.20.R1106 1910-24-POE-JG539_5.20.R1106 1910-8-JG536_5.20.R1106 JG537A HP 1910-8 -PoE+ Switch JG540A HP 1910-48 Switch JG538A HP 1910-24 Switch JG539A HP 1910-24-PoE+ Switch JG536A HP 1910-8 Switch
1810v1 P2 Fix in progress use mitigations J9449A HP 1810-8G Switch J9450A HP 1810-24G Switch
1810v1 PK Fix in progress use mitigations J9660A HP 1810-48G Switch
MSR20 MSR20.SI_5.20.R2513P02 JD432A HP A-MSR20-21 Multi-Service Router JD662A HP MSR20-20 Multi-Service Router JD663A HP MSR20-21 Multi-Service Router JD663B HP MSR20-21 Router JD664A HP MSR20-40 Multi-Service Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326) H3C MSR 20-20 (0235A19H) H3C MSR 20-21 (0235A325) H3C MSR 20-40 (0235A19K) H3C MSR-20-21 Router (0235A19J)
MSR20-1X MSR201X_5.20.R2513P02 JD431A HP MSR20-10 Router JD667A HP MSR20-15 IW Multi-Service Router JD668A HP MSR20-13 Multi-Service Router JD669A HP MSR20-13 W Multi-Service Router JD670A HP MSR20-15 A Multi-Service Router JD671A HP MSR20-15 AW Multi-Service Router JD672A HP MSR20-15 I Multi-Service Router JD673A HP MSR20-11 Multi-Service Router JD674A HP MSR20-12 Multi-Service Router JD675A HP MSR20-12 W Multi-Service Router JD676A HP MSR20-12 T1 Multi-Service Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router JG209A HP MSR20-12-T-W Router (NA) JG210A HP MSR20-13-W Router (NA) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) H3C MSR 20-10 (0235A0A7) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-11 (0235A31V) H3C MSR 20-12 (0235A32E) H3C MSR 20-12 T1 (0235A32B) H3C MSR 20-13 (0235A31W) H3C MSR 20-13 W (0235A31X) H3C MSR 20-15 A (0235A31Q) H3C MSR 20-15 A W (0235A31R) H3C MSR 20-15 I (0235A31N) H3C MSR 20-15 IW (0235A31P) H3C MSR20-12 W (0235A32G)
MSR30 MSR30.SI_5.20.R2513P02 JD654A HP MSR30-60 POE Multi-Service Router JD657A HP MSR30-40 Multi-Service Router JD658A HP MSR30-60 Multi-Service Router JD660A HP MSR30-20 POE Multi-Service Router JD661A HP MSR30-40 POE Multi-Service Router JD666A HP MSR30-20 Multi-Service Router JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF232A HP RT-MSR3040-AC-OVS-AS-H3 JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S) H3C MSR 30-20 (0235A19L) H3C MSR 30-20 POE (0235A239) H3C MSR 30-40 (0235A20J) H3C MSR 30-40 POE (0235A25R) H3C MSR 30-60 (0235A20K) H3C MSR 30-60 POE (0235A25S) H3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)
MSR30-16 MSR3016.SI_5.20.R2513P02 JD659A HP MSR30-16 POE Multi-Service Router JD665A HP MSR30-16 Multi-Service Router JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) H3C MSR 30-16 (0235A237) H3C MSR 30-16 POE (0235A238)
MSR30-1X MSR301X.SI_5.20.R2513P09 JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) H3C RT-MSR3011-AC-OVS-H3 (0235A29L)
MSR50 MSR50.SI_5.20.R2513P02 JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR5040-DC-OVS-H3C (0235A20P) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L)
MSR50-G2 MSR50.EPUSI_5.20.R2513P02 JD429A HP MSR50 G2 Processor Module JD429B HP MSR50 G2 Processor Module H3C H3C MSR 50 Processor Module-G2 (0231A84Q) H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD(0231A0KL)
MSR20 Russian version MSR20.SI_5.20.R2513L03.RU JD663B HP MSR20-21 Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326)
MSR20-1X Russian version MSR201X_5.20.R2513L03.RU JD431A HP MSR20-10 Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router H3C MSR 20-10 (0235A0A7) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)
MSR30 Russian version MSR30.SI_5.20.R2513L03.RU JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)
MSR30-16 Russian version MSR3016.SI_5.20.R2513L03.RU JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)
MSR30-1X Russian version MSR301X.SI_5.20.R2513L03.RU JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C RT-MSR3011-AC-OVS-H3 (0235A29L) H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)
MSR50 Russian version MSR50.SI_5.20.R2513L03.RU JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR 50 Processor Module (0231A791) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR5040-DC-OVS-H3C (0235A20P)
MSR50 G2 Russian version MSR50.EPUSI_5.20.R2513L03.RU JD429B HP MSR50 G2 Processor Module H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD (0231A0KL)
MSR9XX MSR9XX_5.20.R2513P02 JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr JG207A HP MSR900-W Router (NA) JG208A HP MSR920-W Router (NA) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)
MSR93X MSR93X_5.20.R2513P02 JG511A HP MSR930 Router JG512A HP MSR930 Wireless Router JG513A HP MSR930 3G Router JG514A HP MSR931 Router JG515A HP MSR931 3G Router JG516A HP MSR933 Router JG517A HP MSR933 3G Router JG518A HP MSR935 Router JG519A HP MSR935 Wireless Router JG520A HP MSR935 3G Router JG531A HP MSR931 Dual 3G Router JG596A HP MSR930 4G LTE/3G CDMA Router JG597A HP MSR936 Wireless Router JG665A HP MSR930 4G LTE/3G WCDMA Global Router JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
MSR1000 MSR1000_5.20.R2513P02 JG732A HP MSR1003-8 AC Router
MSR1000 Russian version MSR1000_5.20.R2513L03-RU JG732A HP MSR1003-8 AC Router
MSR2000 MSR2000_7.10.R0106P02 JG411A HP MSR2003 AC Router
MSR3000 MSR3000_7.10.R0106P02 JG404A HP MSR3064 Router JG405A HP MSR3044 Router JG406A HP MSR3024 AC Router JG409A HP MSR3012 AC Router JG861A HP MSR3024 TAA-compliant AC Router
MSR4000 MSR4000_7.10.R0106P02 JG402A HP MSR4080 Router Chassis JG403A HP MSR4060 Router Chassis JG412A HP MSR4000 MPU-100 Main Processing Unit
F5000 SECPATH5000FA_5.20.F3210P20 JG216A HP F5000 Firewall Standalone Chassis JD259A HP A5000-A5 VPN Firewall Chassis H3C SecPath F5000-A5 Host System (0150A0AG)
F5000 C F5000C_5.20.R3811 JG650A HP F5000-C VPN Firewall Appliance
F5000 S F5000S_5.20.R3811 JG370A HP F5000-S VPN Firewall Appliance
U200S and CS U200S_U200CS_5.20.F5123P27 JD268A HP 200-CS UTM Appliance JD273A HP U200-S UTM Appliance H3C SecPath U200-S (0235A36N)
U200A and M U200A_U200M_5.20.F5123P27 JD274A HP 200-M UTM Appliance JD275A HP U200-A UTM Appliance H3C SecPath U200-A (0235A36Q)
F1000A and S AF1000S.EI_3.40.R3734 JD270A HP S1000-S VPN Firewall Appliance JD271A HP S1000-A VPN Firewall Appliance JG213A HP F1000-S-EI VPN Firewall Appliance JG214A HP F1000-A-EI VPN Firewall Appliance
SecBlade III SECBLADEIII.FW_5.20.R3820 JG371A HP 12500 20Gbps VPN Firewall Module JG372A HP 10500/11900/7500 20Gbps VPN FW Mod
SecBlade FW SECBLADE2-FW_5.20.R3181 JC635A HP 12500 VPN Firewall Module JD245A HP 9500 VPN Firewall Module JD249A HP 10500/7500 Advanced VPN Firewall Mod JD250A HP 6600 Firewall Processing Rtr Module JD251A HP 8800 Firewall Processing Module JD255A HP 5820 VPN Firewall Module H3C S9500E SecBlade VPN Firewall Module (0231A0AV) H3C S7500E SecBlade VPN Firewall Module (0231A832) H3C SR66 Gigabit Firewall Module (0231A88A) H3C SR88 Firewall Processing Module (0231A88L) H3C S5820 SecBlade VPN Firewall Module (0231A94J)
F1000E SECPATH1000FE_5.20.R3181 JD272A HP S1000-E VPN Firewall Appliance
VSR1000 VSR1000_7.10.R0203 JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software JG811AAE HP VSR1001 Comware 7 Virtual Services Router JG812AAE HP VSR1004 Comware 7 Virtual Services Router JG813AAE HP VSR1008 Comware 7 Virtual Services Router
WX5002/5004 WX5002-WX5004_5.20.R2507P26 JD441A HP 5800 ACM for 64-256 APs JD447B HP WX5002 Access Controller JD448A HP A-WX5004 Access Controller JD448B HP WX5004 Access Controller JD469A HP A-WX5004 (3Com) Access Controller JG261A HP 5800 Access Controller OAA TAA Mod
HP 850/870 850-870_5.20.R2607P26 JG723A HP 870 Unified Wired-WLAN Appliance JG725A HP 870 Unifd Wrd-WLAN TAA Applnc JG722A HP 850 Unified Wired-WLAN Appliance JG724A HP 850 Unifd Wrd-WLAN TAA Applnc
HP 830 830_5.20.R3507P26 JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch JG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch JG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch JG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch
HP 6000 6000_5.20.R2507P27 JG639A HP 10500/7500 20G Unified Wired-WLAN Mod JG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod
M220 Fix in progress use mitigations J9798A HP M220 802.11n AM Access Point J9799A HP M220 802.11n WW Access Point
NGFW The Software Downloads and software release notes for your NGFW Appliance(s) can be acquired with a valid support contract by accessing the Threat Management Center (TMC). In your web browser open https://tmc.tippingpoint.com. JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic JC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic JC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic JC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic JC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic
iMC UAM 7.x 5.x iMC UAM 7.0 (E0203P04) JD144A HP IMC UAM S/W Module w/200-User License JF388A HP IMC UAM S/W Module w/200-user License JD435A HP IMC EAD Client Software JF388AAE HP IMC UAM S/W Module w/200-user E-LTU JG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU
iMC EAD 7.x 5.x iMC EAD v7.1 (E0301) JF391AAE HP IMC EAD S/W Module w/200-user E-LTU JG754AAE HP IMC EAD SW Module w/ 50-user E-LTU JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License JF391A HP IMC EAD S/W Module w/200-user License
HISTORY Version:1 (rev.1) - 20 June 2014 Initial release Version:2 (rev.2) - 20 November 2014 Removed iMC Platform Products, 5900 virtual switch, and Router 8800 products. Further analysis revealed that those products as not vulnerable. Added additional products.
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux)
iEYEARECAAYFAlRuJqYACgkQ4B86/C0qfVkBZwCg+M/bssV0KI2Nfe2delq1N6KO 2ZUAoKT/5gXpIsdJb4Jyh8GVclzk70rZ =9QSF -----END PGP SIGNATURE----- . OpenSSL Security Advisory [05 Jun 2014] ========================================
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client and server. OpenSSL clients are vulnerable in all versions of OpenSSL. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.
The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.
Only applications using OpenSSL as a DTLS client are affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This issue was reported to OpenSSL on 9th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server.
Only applications using OpenSSL as a DTLS client or server affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Jüri Aedla for reporting this issue. This issue was reported to OpenSSL on 23rd April 2014 via HP ZDI.
The fix was developed by Stephen Henson of the OpenSSL core team. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public. The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
A race condition in the ssl3_read_bytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public.
Anonymous ECDH denial of service (CVE-2014-3470)
OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack.
OpenSSL 0.9.8 users should upgrade to 0.9.8za OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
Thanks to Felix Gröbert and Ivan Fratrić at Google for discovering this issue. This issue was reported to OpenSSL on 28th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Other issues
OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" Reported by Yuval Yarom and Naomi Benger. This issue was previously fixed in OpenSSL 1.0.1g.
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20140605.txt
Note: the online version of the advisory may be updated with additional details over time.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Storage Server 2.1 - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Package List:
Red Hat Storage Server 2.1:
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0244",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.106"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "junos os 13.1r4-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 7.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "junos os 11.4r12-s4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "junos 11.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "uacos c4.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr3000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "m220 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "4800g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "secure analytics 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"model": "secure analytics 2014.2r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.2"
},
{
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "10"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "oneview",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.10"
},
{
"model": "f1000a and s family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "u200a and m family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "junos 11.4r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "hsr6602 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ive os 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr93x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wx5002/5004 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos 11.4r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vsr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.3r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.1"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.2"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.8"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "msr20 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.4r10-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "junos 5.0r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "hsr6800 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "msr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 10.4r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "ssl vpn 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "msr1000 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "(comware family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12500v7)0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "cp1543-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "ive os 7.4r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "secure analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr30 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "strm 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "junos pulse 5.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "junos 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "sbr global enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jsa 2014.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7900.00"
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "f1000e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.0"
},
{
"model": "secure analytics 2014.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "junos 13.3r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.21"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.5.0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "strm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr50 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "u200s and cs family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security threat response manager 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.01"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos os 12.3r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "simatic s7-1500",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "strm/jsa 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ngfw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "junos 10.4r16",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.203"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr50-g2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "ive os 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.21"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos 5.0r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 8.0r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16"
},
{
"model": "junos os 14.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "junos os 13.2r5-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uacos c5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "uacos c5.0",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "strm/jsa",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "imc uam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "ssl vpn 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 10.4s",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "intelligent management center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 11.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "9500e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "f5000 c",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "f5000 s",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security threat response manager 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "junos 10.4s15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 7.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "msr9xx family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "msr2000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "msr30-16 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "imc ead",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "msr4000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.21"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.1"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "a6600 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "f5000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.62"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "pk family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "junos os 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 11.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "junos os 12.1x47-d15",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secblade fw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.2"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "junos 10.4r15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uacos c4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos pulse 4.0r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "junos 14.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "p2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "junos 10.0s25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "junos 10.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.05"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "msr20-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.107"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "msr30-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "junos 12.1r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 8.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
}
],
"sources": [
{
"db": "BID",
"id": "67193"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1g",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "127265"
}
],
"trust": 0.6
},
"cve": "CVE-2014-0198",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0198",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0198",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-057",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0198",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. \n\nThe oldstable distribution (squeeze) is not affected. \n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.0.1e-2+deb7u9. \n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.0.1g-4. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.0.1g-4. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://advisories.mageia.org/MGASA-2014-0204.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 0960978623ce1a63b660860f11a273cd mbs1/x86_64/lib64openssl1.0.0-1.0.0k-1.3.mbs1.x86_64.rpm\n a1f2e8359b1823df2bbf4cef25ed0fa5 mbs1/x86_64/lib64openssl-devel-1.0.0k-1.3.mbs1.x86_64.rpm\n 9caf8ee1e9151cd22cc8bbbcec6ddc64 mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0k-1.3.mbs1.x86_64.rpm\n e7e8655dcdfcf3499b5d3280a7023beb mbs1/x86_64/lib64openssl-static-devel-1.0.0k-1.3.mbs1.x86_64.rpm\n 34ef39c4e07e20ed081ff466b744e6b1 mbs1/x86_64/openssl-1.0.0k-1.3.mbs1.x86_64.rpm \n 4c4315e35972686c692a095851d42cd4 mbs1/SRPMS/openssl-1.0.0k-1.3.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \n\nHP Insight Control server deployment packages HP System Management Homepage\n(SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM)\nand deploys them through the following components. This bulletin provides the\ninformation needed to update the HP Insight Control server deployment\nsolution. HP has provided manual update steps\nif a version upgrade is not possible; if users wish to remain at v7.1.2,\nv7.2.0, or v7.2.1. \n\nNote: It is important to check your current running version of HP Insight\nControl server deployment and to follow the correct steps listed below. For\nHP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and\nfollow the steps below to remove the vulnerability. That Security Bulletin with instructions on how to upgrade\nto v7.3.1 can be found here:\n\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\na-c04267749\n\nHP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should\ntake the following steps to remove this vulnerability. \n\nDelete the files smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location\nlisted in the following table, rows 1 and 2. \nDelete the files \"vcax86-*.exe/vcaamd64-*.exe from Component Copy Location\nlisted in the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\n smhamd64-ccp023716.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\n smhx86-cp023715.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13\n vcax86-cp023742.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2\n vcaamd64-cp023743.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nDownload and extract the HPSUM 5.3.6 component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793\n\nCopy all content from extracted ZIP folder and paste into\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 on targets running\nWindows. \n\nHP Insight Control server deployment users with v7.2.2:\n\nPlease upgrade to Insight Control server deployment v7.3.1 and follow the\nsteps below for v7.3.1. \n\nHP Insight Control server deployment users with v7.3.1:\n\nPerform steps 1 - 4 as outlined above for users with HP Insight Control\nserver deployment v7.1.2, v7.2.0, and v7.2.1. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201407-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: July 27, 2014\n Bugs: #512506\n ID: 201407-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, possibly allowing\nremote attackers to execute arbitrary code. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1h-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-5298\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298\n[ 2 ] CVE-2014-0195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195\n[ 3 ] CVE-2014-0198\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198\n[ 4 ] CVE-2014-0221\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221\n[ 5 ] CVE-2014-0224\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224\n[ 6 ] CVE-2014-3470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470\n[ 7 ] OpenSSL Security Advisory [05 Jun 2014]\n http://www.openssl.org/news/secadv_20140605.txt\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201407-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. These vulnerabilities include: \n\n* The SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \n\n - HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2010-5298\n 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\n 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)\n\n CVE-2014-0076\n 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2014-0195\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-0198\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0221\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0224\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-3470\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-3566\n 3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0705\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends applying the following software updates to resolve the\nvulnerabilities in the impacted versions of HPE StoreVirtual products running\nHPE LeftHand OS. \n\nLeftHand OS v11.5 - Patches 45019-00 and 45020 \nLeftHand OS v12.0 - Patches 50016-00 and 50017-00 \nLeftHand OS v12.5 - Patch 55016-00 \nLeftHand OS v12.6 - Patch 56002-00 \n\n**Notes:**\n\nThese patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision\nto OpenSSL v1.0.1e 48. \nThese patches migrate Certificate Authority Hashing Algorithm from a weak\nhashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary\n\n VMware product updates address OpenSSL security vulnerabilities. \n\n2. Relevant Releases\n\n ESXi 5.5 prior to ESXi550-201406401-SG\n\n\n3. \n\n OpenSSL libraries have been updated in multiple products to\n versions 0.9.8za and 1.0.1h in order to resolve multiple security\n issues. \n \n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n\n has assigned the names CVE-2014-0224, CVE-2014-0198, \n CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to\n these issues. The most important of these issues is \n CVE-2014-0224. \n\n CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to\n be of moderate severity. Exploitation is highly unlikely or is\n mitigated due to the application configuration. \n\n CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL \n Security Advisory (see Reference section below), do not affect\n any VMware products. For readability\n the affected products have been split into 3 tables below, \n based on the different client-server configurations and\n deployment scenarios. Applying these patches to \n affected servers will mitigate the affected clients (See Table 1\n below). can be mitigated by using a secure network such as \n VPN (see Table 2 below). \n \n Clients and servers that are deployed on an isolated network are\n less exposed to CVE-2014-0224 (see Table 3 below). The affected\n products are typically deployed to communicate over the\n management network. \n\n RECOMMENDATIONS\n\n VMware recommends customers evaluate and deploy patches for\n affected Servers in Table 1 below as these patches become\n available. Patching these servers will remove the ability to\n exploit the vulnerability described in CVE-2014-0224 on both\n clients and servers. VMware recommends customers consider \n applying patches to products listed in Table 2 \u0026 3 as required. \n\n Column 4 of the following tables lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n ESXi 5.5 ESXi ESXi550-\n 201406401-SG \n\n Big Data Extensions 1.1 patch pending \n Charge Back Manager 2.6 patch pending \n\n Horizon Workspace Server \n GATEWAY 1.8.1 patch pending \n Horizon Workspace Server \n GATEWAY 1.5 patch pending \n\n Horizon Workspace Server \n DATA 1.8.1 patch pending \n\n Horizon Mirage Edge Gateway 4.4.2 patch pending \n Horizon View 5.3.1 patch pending \n\n Horizon View Feature Pack 5.3 SP2 patch pending \n\n NSX for Multi-Hypervisor 4.1.2 patch pending \n NSX for Multi-Hypervisor 4.0.3 patch pending \n NSX for vSphere 6.0.4 patch pending \n NVP 3.2.2 patch pending \n vCAC 6.0.1 patch pending \n\n vCloud Networking and Security 5.5.2 \t\t patch pending \n vCloud Networking and Security 5.1.2 \t\t patch pending \n\n vFabric Web Server 5.3.4 patch pending \n\n vCHS - DPS-Data Protection 2.0 patch pending \n Service\n\n Table 2\n ========\n Affected clients running a vulnerable version of OpenSSL 0.9.8 \n or 1.0.1 and communicating over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCSA 5.5 patch pending \n vCSA 5.1 patch pending \n vCSA 5.0 patch pending \n\n\n ESXi 5.1 ESXi patch pending \n ESXi 5.0 ESXi patch pending \n\n Workstation 10.0.2 any patch pending \n Workstation 9.0.3 any patch pending \n Fusion 6.x OSX patch pending \n Fusion 5.x OSX patch pending \n Player 10.0.2 any patch pending \n Player 9.0.3 any patch pending \n\n Chargeback Manager 2.5.x patch pending \n\n Horizon Workspace Client for 1.8.1 OSX patch pending \n Mac\n Horizon Workspace Client for 1.5 OSX patch pending \n Mac\n Horizon Workspace Client for 1.8.1 Windows patch pending \n Windows \n Horizon Workspace Client for 1.5 Windows patch pending \n\n OVF Tool 3.5.1 patch pending \n OVF Tool 3.0.1 patch pending \n\n vCenter Operations Manager 5.8.1 patch pending \n\n vCenter Support Assistant 5.5.0 patch pending \n vCenter Support Assistant 5.5.1 patch pending \n \n vCD 5.1.2 patch pending \n vCD 5.1.3 patch pending \n vCD 5.5.1.1 patch pending \n vCenter Site Recovery Manager 5.0.3.1 patch pending \n\n Table 3\n =======\n The following table lists all affected clients running a\n vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating\n over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCenter Server 5.5 any patch pending\n vCenter Server 5.1 any patch pending\n vCenter Server 5.0 any patch pending\n\n Update Manager 5.5 Windows patch pending\n Update Manager 5.1 Windows patch pending\n Update Manager 5.0 Windows patch pending \n\n Config Manager (VCM) 5.6 patch pending \n\n Horizon View Client 5.3.1 patch pending \n Horizon View Client 4.x patch pending\n Horizon Workspace 1.8.1 patch pending \n Horizon Workspace 1.5 patch pending \n \n \n ITBM Standard 1.0.1 patch pending \n ITBM Standard 1.0 patch pending \n \n Studio 2.6.0.0 patch pending \n \n Usage Meter 3.3 patch pending \n vCenter Chargeback Manager 2.6 patch pending \n vCenter Converter Standalone 5.5 patch pending \n vCenter Converter Standalone 5.1 patch pending \n vCD (VCHS) 5.6.2 patch pending \n \n vCenter Site Recovery Manager 5.5.1 patch pending \n vCenter Site Recovery Manager 5.1.1 patch pending\n\n vFabric Application Director 5.2.0 patch pending \n vFabric Application Director 5.0.0 patch pending \n View Client 5.3.1 patch pending \n View Client 4.x patch pending\n VIX API 5.5 patch pending \n VIX API 1.12 patch pending \n \n vMA (Management Assistant) 5.1.0.1 patch pending \n \n\n VMware Data Recovery 2.0.3 patch pending \n \n VMware vSphere CLI 5.5 patch pending \n \n vSphere Replication 5.5.1 patch pending \n vSphere Replication 5.6 patch pending \n vSphere SDK for Perl 5.5 patch pending \n vSphere Storage Appliance 5.5.1 patch pending \n vSphere Storage Appliance 5.1.3 patch pending \n vSphere Support Assistant 5.5.1 patch pending \n vSphere Support Assistant 5.5.0 patch pending\n vSphere Virtual Disk 5.5 patch pending \n Development Kit \n vSphere Virtual Disk 5.1 patch pending \n Development Kit\n vSphere Virtual Disk 5.0 patch pending \n Development Kit\n \n 4. Solution\n\n ESXi 5.5\n ----------------------------\n\n Download:\n https://www.vmware.com/patchmgr/download.portal\n\n Release Notes and Remediation Instructions:\n http://kb.vmware.com/kb/2077359\n\n 5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n \n https://www.openssl.org/news/secadv_20140605.txt\n\n- -----------------------------------------------------------------------\n\n6. Change Log\n\n 2014-06-10 VMSA-2014-0006\n Initial security advisory in conjunction with the release of\n ESXi 5.5 updates on 2014-06-10\n\n- -----------------------------------------------------------------------\n \n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04347622\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04347622\nVersion: 2\n\nHPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote\nVulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-06-20\nLast Updated: 2014-11-20\n\nPotential Security Impact: Remote Denial of Service (DoS), code execution,\nunauthorized access, modification of information, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Network\nProducts running OpenSSL. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS), execute code, allow unauthorized access,\nmodify or disclose information. \n\nReferences:\n\n CVE-2010-5298 (SSRT101561) Remote Denial of Service (DoS) or Modification\nof Information\n CVE-2014-0198 (SSRT101561) Remote Unauthorized Access\n CVE-2014-0224 (SSRT101593) Remote Unauthorized Access or Disclosure of\nInformation\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nPlease refer to the RESOLUTION\n section below for a list of impacted products. \n\nNOTE:\n\nAll products listed are impacted by CVE-2014-0224. This is the vulnerability\nknown as \"Heartbleed\". \nHP Intelligent Management Center (iMC) is also impacted by CVE-2014-0198 and\nCVE-2010-5298. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nOn June 5th 2014, OpenSSL.org issued an advisory with several CVE\nvulnerabilities. HP Networking is working to release fixes for these\nvulnerabilities that impact the products in the table below. As fixed\nsoftware is made available, this security bulletin will be updated to show\nthe fixed versions. Until the software fixes are available, HP Networking is\nproviding the following information including possible workarounds to\nmitigate the risks of these vulnerabilities. \n\n Workarounds\n\n HP Networking equipment is typically deployed inside firewalls and access\nto management interfaces and other protocols is more tightly controlled than\nin public environments. \n\n Following the guidelines in the Hardening Comware-based devices can help\nto further reduce man-in-the-middle opportunities:\n\n http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=\nc03536920\n\n For an HP Networking device acting as an OpenSSL Server, using a patched\nOpenSSL client or non-OpenSSL client eliminates the risk. \n\n Protocol Notes\n\n The following details the protocols that use OpenSSL in Comware v5 and\nComware v7:\n\n - Comware V7:\n\n Server:\n\n FIPS/HTTPS/Load Balancing/Session Initiation Protocol\n\n Client:\n\n Load Balancing/OpenFlow/Session Initiation Protocol/State Machine\nBased Anti-Spoofing/Dynamic DNS\n\n - Comware V5:\n\n Server:\n\n CAPWAP/EAP/SSLVPN\n\n Client:\n\n Dynamic DNS\n\nFamily\n Fixed Version\n HP Branded Products Impacted\n H3C Branded Products Impacted\n 3Com Branded Products Impacted\n\n12900 Switch Series\n 12900_7.10.R1109\n12900_7.10.R1005P07\n JG619A HP FF 12910 Switch AC Chassis\nJG621A HP FF 12910 Main Processing Unit\nJG632A HP FF 12916 Switch AC Chassis\nJG634A HP FF 12916 Main Processing Unit\n\n12500.0\n 12500_5.20.R1828P04\n12500_5.20.R1828P04-US\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJC808A HP 12500 TAA Main Processing Unit\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n12500 (Comware v7)\n 12500_7.10.R7328P03\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJG497A HP 12500 MPU w/Comware V7 OS\nJG782A HP FF 12508E AC Switch Chassis\nJG783A HP FF 12508E DC Switch Chassis\nJG784A HP FF 12518E AC Switch Chassis\nJG785A HP FF 12518E DC Switch Chassis\nJG802A HP FF 12500E MPU\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n11900 Switch Series\n 11900_7.10.R2111P04\n JG608A HP FF 11908-V Switch Chassis\nJG609A HP FF 11900 Main Processing Unit\n\n10500 Switch Series (Comware v5)\n 10500_5.20.R1208P09 10500_5.20.R1208P09-US\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC614A HP 10500 Main Processing Unit\nJC748A HP 10512 Switch Chassis\nJG375A HP 10500 TAA Main Processing Unit\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\n\n10500 Switch Series (Comware v7)\n 10500_7.10.R2111P04\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC748A HP 10512 Switch Chassis\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\nJG496A HP 10500 Type A MPU w/Comware v7 OS\n\n9500E\n S9500E_5.20.R1828P04\n JC124A HP A9508 Switch Chassis\nJC124B HP 9505 Switch Chassis\nJC125A HP A9512 Switch Chassis\nJC125B HP 9512 Switch Chassis\nJC474A HP A9508-V Switch Chassis\nJC474B HP 9508-V Switch Chassis\n H3C S9505E Routing-Switch Chassis (0235A0G6)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9512E Routing-Switch Chassis (0235A0G7)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9505E Chassis w/ Fans (0235A38P)\nH3C S9512E Chassis w/ Fans (0235A38R)\n\n7900.0\n 7900_7.10.R2118\n JG682A HP FlexFabric 7904 Switch Chassis\n\n7500 Switch Series\n 7500_5.20.R6708P09\n7500_5.20.R6708P09-US\n JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T\nJC697A HP A7502 TAA Main Processing Unit\nJC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE\nJC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE\nJC700A HP A7500 384 Gbps TAA Fabric / MPU\nJC701A HP A7510 768 Gbps TAA Fabric / MPU\nJD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports\nJD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports\nJD194A HP 384 Gbps Fabric A7500 Module\nJD194B HP 7500 384Gbps Fabric Module\nJD195A HP 7500 384Gbps Advanced Fabric Module\nJD196A HP 7502 Fabric Module\nJD220A HP 7500 768Gbps Fabric Module\nJD238A HP A7510 Switch Chassis\nJD238B HP 7510 Switch Chassis\nJD239A HP A7506 Switch Chassis\nJD239B HP 7506 Switch Chassis\nJD240A HP A7503 Switch Chassis\nJD240B HP 7503 Switch Chassis\nJD241A HP A7506 Vertical Switch Chassis\nJD241B HP 7506-V Switch Chassis\nJD242A HP A7502 Switch Chassis\nJD242B HP 7502 Switch Chassis\nJD243A HP A7503 Switch Chassis w/1 Fabric Slot\nJD243B HP 7503-S Switch Chassis w/1 Fabric Slot\n H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4)\nH3C S7503E Ethernet Switch Chassis with Fan (0235A0G2)\nH3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5)\nH3C S7506E Ethernet Switch Chassis with Fan (0235A0G1)\nH3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3)\nH3C S7510E Ethernet Switch Chassis with Fan (0235A0G0)\nH3C S7502E Chassis w/ fans (0235A29A)\nH3C S7503E Chassis w/ fans (0235A27R)\nH3C S7503E-S Chassis w/ fans (0235A33R)\nH3C S7506E Chassis w/ fans (0235A27Q)\nH3C S7506E-V Chassis w/ fans (0235A27S)\n\nHSR6800\n HSR6800_5.20.R3303P10\nHSR6800_5.20.R3303P10-US\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6800 Russian Version\n HSR6800_5.20.R3303P10.RU\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6602\n HSR6602_5.20.R3303P10\nHSR6602_5.20.R3303P10-US\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\nHSR6602 Russian Version\n HSR6602_5.20.R3303P10.RU\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\n6602.0\n 6602_5.20.R3303P10\n6602_5.20.R3303P10-US\n JC176A HP 6602 Router Chassis\n H3C SR6602 1U Router Host (0235A27D)\n\n6602 Russian Version\n 6602_5.20.R3303P10.RU\n JC176A HP 6602 Router Chassis\n H3C SR6602 1U Router Host (0235A27D)\n\nA6600\n 6600.RPE_5.20.R3303P10\n6600.RSE_5.20.R3303P10\n6600.RPE_5.20.R3303P10-US\n6600.RSE_5.20.R3303P10-US\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\nA6600 Russian Version\n 6600.RPE_5.20.R3303P10.RU\n6600.RSE_5.20.R3303P10.RU\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP\n HSR6602_5.20.R3303P10\nHSR6602_5.20.R3303P10-US\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP Russian Version\n HSR6602_5.20.R3303P10.RU\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU\nJG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n5920 Switch Series\n 5900AF-5920AF_7.10.R2311P01\n5900AF-5920AF_7.10.R2311P01-US\n JG296A HP 5920AF-24XG Switch\nJG555A HP 5920AF-24XG TAA Switch\n\n5900 Switch Series\n 5900AF-5920AF_7.10.R2311P01\n5900AF-5920AF_7.10.R2311P01-US\n JC772A HP 5900AF-48XG-4QSFP+ Switch\nJG336A HP 5900AF-48XGT-4QSFP+ Switch\nJG510A HP 5900AF-48G-4XG-2QSFP+ Switch\nJG554A HP 5900AF-48XG-4QSFP+ TAA Switch\nJG838A HP FF 5900CP-48XG-4QSFP+ Switch\n\n5830 Switch Series\n 5830_5.20.R1118P09\n5830_5.20.R1118P09-US\n JC691A HP A5830AF-48G Switch w/1 Interface Slot\nJC694A HP A5830AF-96G Switch\nJG316A HP 5830AF-48G TAA Switch w/1 Intf Slot\nJG374A HP 5830AF-96G TAA Switch\n\n5820 Switch Series\n 5800-5820X_5.20.R1808P25\n5800-5820X_5.20.R1808P27-US\n JC102A HP 5820-24XG-SFP+ Switch\nJC106A HP 5820-14XG-SFP+ Switch with 2 Slots\nJG219A HP 5820AF-24XG Switch\nJG243A HP 5820-24XG-SFP+ TAA-compliant Switch\nJG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots\n H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media\nmodules Plus OSM (0235A37L)\nH3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T\n(RJ45) (0235A370)\n\n5800 Switch Series\n 5800-5820X_5.20.R1808P25\n5800-5820X_5.20.R1808P27-US\n JC099A HP 5800-24G-PoE Switch\nJC100A HP 5800-24G Switch\nJC101A HP 5800-48G Switch with 2 Slots\nJC103A HP 5800-24G-SFP Switch\nJC104A HP 5800-48G-PoE Switch\nJC105A HP 5800-48G Switch\nJG225A HP 5800AF-48G Switch\nJG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots\nJG254A HP 5800-24G-PoE+ TAA-compliant Switch\nJG255A HP 5800-24G TAA-compliant Switch\nJG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt\nJG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot\nJG258A HP 5800-48G TAA Switch w 1 Intf Slot\n H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot\n(0235A36U)\nH3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X\n(SFP Plus ) Plus 1 media module PoE (0235A36S)\nH3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus\nmedia module (no power) (0235A374)\nH3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus\n) Plus media module (0235A379)\nH3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module\n(0235A378)\nH3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM\n(0235A36W)\n\n5500 HI Switch Series\n 5500.HI_5.20.R5501P02\n5500.HI_5.20.R5501P02-US\n JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch\nJG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch\nJG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt\nJG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt\nJG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt\nJG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt\nJG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt\nJG681A HP 5500-24G-SFP HI TAA Swch w/2Slt\n\n5500 EI Switch Series\n 5500.EI-4800G_5.20.R2221P05\n5500.EI-4800G_5.20.R2221P04-US\n JD373A HP 5500-24G DC EI Switch\nJD374A HP 5500-24G-SFP EI Switch\nJD375A HP 5500-48G EI Switch\nJD376A HP 5500-48G-PoE EI Switch\nJD377A HP 5500-24G EI Switch\nJD378A HP 5500-24G-PoE EI Switch\nJD379A HP 5500-24G-SFP DC EI Switch\nJG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts\nJG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts\nJG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts\nJG250A HP 5500-24G EI TAA Switch w 2 Intf Slts\nJG251A HP 5500-48G EI TAA Switch w 2 Intf Slts\nJG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts\nJG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts\n H3C S5500-28C-EI Ethernet Switch (0235A253)\nH3C S5500-28F-EI Eth Switch AC Single (0235A24U)\nH3C S5500-52C-EI Ethernet Switch (0235A24X)\nH3C S5500-28C-EI-DC Ethernet Switch (0235A24S)\nH3C S5500-28C-PWR-EI Ethernet Switch (0235A255)\nH3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259)\nH3C S5500-52C-PWR-EI Ethernet Switch (0235A251)\n\n5500 SI Switch Series\n 5500.SI_5.20.R2221P04\n JD369A HP 5500-24G SI Switch\nJD370A HP 5500-48G SI Switch\nJD371A HP 5500-24G-PoE SI Switch\nJD372A HP 5500-48G-PoE SI Switch\nJG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts\nJG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts\n H3C S5500-28C-SI Ethernet Switch (0235A04U)\nH3C S5500-52C-SI Ethernet Switch (0235A04V)\nH3C S5500-28C-PWR-SI Ethernet Switch (0235A05H)\nH3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)\n\n5120 EI Switch Series\n 5120.EI-4210G-4510G_5.20.R2221P04\n5120.EI-4210G-4510G_5.20.R2221P04-US\n JE066A HP 5120-24G EI Switch\nJE067A HP 5120-48G EI Switch\nJE068A HP 5120-24G EI Switch with 2 Slots\nJE069A HP 5120-48G EI Switch with 2 Slots\nJE070A HP 5120-24G-PoE EI Switch with 2 Slots\nJE071A HP 5120-48G-PoE EI Switch with 2 Slots\nJG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts\nJG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts\nJG245A HP 5120-24G EI TAA Switch w 2 Intf Slts\nJG246A HP 5120-48G EI TAA Switch w 2 Intf Slts\nJG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts\nJG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts\n H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ)\nH3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS)\nH3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR)\nH3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT)\nH3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU)\nH3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)\n\n5120 SI switch Series\n 5120.SI_5.20.R1513P86\n JE072A HP 5120-48G SI Switch\nJE073A HP 5120-16G SI Switch\nJE074A HP 5120-24G SI Switch\nJG091A HP 5120-24G-PoE+ (370W) SI Switch\nJG092A HP 5120-24G-PoE+ (170W) SI Switch\n H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W)\nH3C S5120-20P-SI L2\n16GE Plus 4SFP (0235A42B)\nH3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D)\nH3C S5120-28P-HPWR-SI (0235A0E5)\nH3C S5120-28P-PWR-SI (0235A0E3)\n\n4800 G Switch Series\n 5500.EI-4800G_5.20.R2221P05\n5500.EI-4800G_5.20.R2221P04-US\n JD007A HP 4800-24G Switch\nJD008A HP 4800-24G-PoE Switch\nJD009A HP 4800-24G-SFP Switch\nJD010A HP 4800-48G Switch\nJD011A HP 4800-48G-PoE Switch\n\n 3Com Switch 4800G 24-Port (3CRS48G-24-91)\n3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91)\n3Com Switch 4800G 48-Port (3CRS48G-48-91)\n3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91)\n3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)\n\n4510G Switch Series\n 5500.EI-4800G_5.20.R2221P05\n5500.EI-4800G_5.20.R2221P04-US\n JF428A HP 4510-48G Switch\nJF847A HP 4510-24G Switch\n\n 3Com Switch 4510G 48 Port (3CRS45G-48-91)\n3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91)\n3Com Switch E4510-24G (3CRS45G-24-91)\n\n4210G Switch Series\n 5120.EI-4210G-4510G_5.20.R2221P04\n5120.EI-4210G-4510G_5.20.R2221P04-US\n JF844A HP 4210-24G Switch\nJF845A HP 4210-48G Switch\nJF846A HP 4210-24G-PoE Switch\n\n 3Com Switch 4210-24G (3CRS42G-24-91)\n3Com Switch 4210-48G (3CRS42G-48-91)\n3Com Switch E4210-24G-PoE (3CRS42G-24P-91)\n\n3610 Switch Series\n S3610-5510_5.20.R5319P08\n JD335A HP 3610-48 Switch\nJD336A HP 3610-24-4G-SFP Switch\nJD337A HP 3610-24-2G-2G-SFP Switch\nJD338A HP 3610-24-SFP Switch\n H3C S3610-52P - model LS-3610-52P-OVS (0235A22C)\nH3C S3610-28P - model LS-3610-28P-OVS (0235A22D)\nH3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E)\nH3C S3610-28F - model LS-3610-28F-OVS (0235A22F)\n\n3600 V2 Switch Series\n 3600V2_5.20.R2109P05\n JG299A HP 3600-24 v2 EI Switch\nJG300A HP 3600-48 v2 EI Switch\nJG301A HP 3600-24-PoE+ v2 EI Switch\nJG301B HP 3600-24-PoE+ v2 EI Switch\nJG302A HP 3600-48-PoE+ v2 EI Switch\nJG302B HP 3600-48-PoE+ v2 EI Switch\nJG303A HP 3600-24-SFP v2 EI Switch\nJG304A HP 3600-24 v2 SI Switch\nJG305A HP 3600-48 v2 SI Switch\nJG306A HP 3600-24-PoE+ v2 SI Switch\nJG306B HP 3600-24-PoE+ v2 SI Switch\nJG307A HP 3600-48-PoE+ v2 SI Switch\nJG307B HP 3600-48-PoE+ v2 SI Switch\n\n3100V2\n 3100V2_5.20.R5203P07\n JD313B HP 3100-24-PoE v2 EI Switch\nJD318B HP 3100-8 v2 EI Switch\nJD319B HP 3100-16 v2 EI Switch\nJD320B HP 3100-24 v2 EI Switch\nJG221A HP 3100-8 v2 SI Switch\nJG222A HP 3100-16 v2 SI Switch\nJG223A HP 3100-24 v2 SI Switch\n\n3100V2-48\n 3100V2.48_5.20.R2109P05\n JG315A HP 3100-48 v2 Switch\n\n1920.0\n 1920-48G-JG927A_5.20.R1104\n1920-8G-PoE-65W-JG921A_5.20.R1104\n1920-8G-JG920A_5.20.R1104\n1920-24G-PoE-370W-JG926A_5.20.R1104\n1920-24G-PoE-180W-JG925A_5.20.R1104\n1920-24G-JG924A_5.20.R1104\n1920-16G-JG923A_5.20.R1104\n1920-8G-PoE-180W-JG922A_5.20.R1104\n JG927A HP 1920-48G Switch\nJG921A HP 1920-8G-PoE+ (65W) Switch\nJG920A HP 1920-8G Switch\nJG926A HP 1920-24G-PoE+ (370W) Switch\nJG925A HP 1920-24G-PoE+ (180W) Switch\nJG924A HP 1920-24G Switch\nJG923A HP 1920-16G Switch\nJG922A HP 1920-8G-PoE+ (180W) Switch\n\n1910.0\n 1910-8-POE-JG537_5.20.R1106\n1910-48-JG540_5.20.R1106\n1910-24-JG538_5.20.R1106\n1910-24-POE-JG539_5.20.R1106\n1910-8-JG536_5.20.R1106\n JG537A HP 1910-8 -PoE+ Switch\nJG540A HP 1910-48 Switch\nJG538A HP 1910-24 Switch\nJG539A HP 1910-24-PoE+ Switch\nJG536A HP 1910-8 Switch\n\n1810v1 P2\n Fix in progress\nuse mitigations\n J9449A HP 1810-8G Switch\nJ9450A HP 1810-24G Switch\n\n1810v1 PK\n Fix in progress\nuse mitigations\n J9660A HP 1810-48G Switch\n\nMSR20\n MSR20.SI_5.20.R2513P02\n JD432A HP A-MSR20-21 Multi-Service Router\nJD662A HP MSR20-20 Multi-Service Router\nJD663A HP MSR20-21 Multi-Service Router\nJD663B HP MSR20-21 Router\nJD664A HP MSR20-40 Multi-Service Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\nH3C MSR 20-20 (0235A19H)\nH3C MSR 20-21 (0235A325)\nH3C MSR 20-40 (0235A19K)\nH3C MSR-20-21 Router (0235A19J)\n\nMSR20-1X\n MSR201X_5.20.R2513P02\n JD431A HP MSR20-10 Router\nJD667A HP MSR20-15 IW Multi-Service Router\nJD668A HP MSR20-13 Multi-Service Router\nJD669A HP MSR20-13 W Multi-Service Router\nJD670A HP MSR20-15 A Multi-Service Router\nJD671A HP MSR20-15 AW Multi-Service Router\nJD672A HP MSR20-15 I Multi-Service Router\nJD673A HP MSR20-11 Multi-Service Router\nJD674A HP MSR20-12 Multi-Service Router\nJD675A HP MSR20-12 W Multi-Service Router\nJD676A HP MSR20-12 T1 Multi-Service Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\nJG209A HP MSR20-12-T-W Router (NA)\nJG210A HP MSR20-13-W Router (NA)\n H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\nH3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-11 (0235A31V)\nH3C MSR 20-12 (0235A32E)\nH3C MSR 20-12 T1 (0235A32B)\nH3C MSR 20-13 (0235A31W)\nH3C MSR 20-13 W (0235A31X)\nH3C MSR 20-15 A (0235A31Q)\nH3C MSR 20-15 A W (0235A31R)\nH3C MSR 20-15 I (0235A31N)\nH3C MSR 20-15 IW (0235A31P)\nH3C MSR20-12 W (0235A32G)\n\nMSR30\n MSR30.SI_5.20.R2513P02\n JD654A HP MSR30-60 POE Multi-Service Router\nJD657A HP MSR30-40 Multi-Service Router\nJD658A HP MSR30-60 Multi-Service Router\nJD660A HP MSR30-20 POE Multi-Service Router\nJD661A HP MSR30-40 POE Multi-Service Router\nJD666A HP MSR30-20 Multi-Service Router\nJF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF232A HP RT-MSR3040-AC-OVS-AS-H3\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S)\nH3C MSR 30-20 (0235A19L)\nH3C MSR 30-20 POE (0235A239)\nH3C MSR 30-40 (0235A20J)\nH3C MSR 30-40 POE (0235A25R)\nH3C MSR 30-60 (0235A20K)\nH3C MSR 30-60 POE (0235A25S)\nH3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)\n\nMSR30-16\n MSR3016.SI_5.20.R2513P02\n JD659A HP MSR30-16 POE Multi-Service Router\nJD665A HP MSR30-16 Multi-Service Router\nJF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\nH3C MSR 30-16 (0235A237)\nH3C MSR 30-16 POE (0235A238)\n\nMSR30-1X\n MSR301X.SI_5.20.R2513P09\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\nH3C RT-MSR3011-AC-OVS-H3 (0235A29L)\n\nMSR50\n MSR50.SI_5.20.R2513P02\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\n\nMSR50-G2\n MSR50.EPUSI_5.20.R2513P02\n JD429A HP MSR50 G2 Processor Module\nJD429B HP MSR50 G2 Processor Module\n H3C H3C MSR 50 Processor Module-G2 (0231A84Q)\nH3C MSR 50 High Performance Main Processing Unit 3GE (Combo)\n256F/1GD(0231A0KL)\n\nMSR20 Russian version\n MSR20.SI_5.20.R2513L03.RU\n JD663B HP MSR20-21 Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\n\nMSR20-1X Russian version\n MSR201X_5.20.R2513L03.RU\n JD431A HP MSR20-10 Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\n H3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\n\nMSR30 Russian version\n MSR30.SI_5.20.R2513L03.RU\n JF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\n\nMSR30-16 Russian version\n MSR3016.SI_5.20.R2513L03.RU\n JF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\n\nMSR30-1X Russian version\n MSR301X.SI_5.20.R2513L03.RU\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C RT-MSR3011-AC-OVS-H3 (0235A29L)\nH3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\n\nMSR50 Russian version\n MSR50.SI_5.20.R2513L03.RU\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR 50 Processor Module (0231A791)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\n\nMSR50 G2 Russian version\n MSR50.EPUSI_5.20.R2513L03.RU\n JD429B HP MSR50 G2 Processor Module\n H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD\n(0231A0KL)\n\nMSR9XX\n MSR9XX_5.20.R2513P02\n JF812A HP MSR900 Router\nJF813A HP MSR920 Router\nJF814A HP MSR900-W Router\nJF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr\nJG207A HP MSR900-W Router (NA)\nJG208A HP MSR920-W Router (NA)\n H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b\n(0235A0C2)\nH3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX)\nH3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)\nH3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)\n\nMSR93X\n MSR93X_5.20.R2513P02\n JG511A HP MSR930 Router\nJG512A HP MSR930 Wireless Router\nJG513A HP MSR930 3G Router\nJG514A HP MSR931 Router\nJG515A HP MSR931 3G Router\nJG516A HP MSR933 Router\nJG517A HP MSR933 3G Router\nJG518A HP MSR935 Router\nJG519A HP MSR935 Wireless Router\nJG520A HP MSR935 3G Router\nJG531A HP MSR931 Dual 3G Router\nJG596A HP MSR930 4G LTE/3G CDMA Router\nJG597A HP MSR936 Wireless Router\nJG665A HP MSR930 4G LTE/3G WCDMA Global Router\nJG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n\nMSR1000\n MSR1000_5.20.R2513P02\n JG732A HP MSR1003-8 AC Router\n\nMSR1000 Russian version\n MSR1000_5.20.R2513L03-RU\n JG732A HP MSR1003-8 AC Router\n\nMSR2000\n MSR2000_7.10.R0106P02\n JG411A HP MSR2003 AC Router\n\nMSR3000\n MSR3000_7.10.R0106P02\n JG404A HP MSR3064 Router\nJG405A HP MSR3044 Router\nJG406A HP MSR3024 AC Router\nJG409A HP MSR3012 AC Router\nJG861A HP MSR3024 TAA-compliant AC Router\n\nMSR4000\n MSR4000_7.10.R0106P02\n JG402A HP MSR4080 Router Chassis\nJG403A HP MSR4060 Router Chassis\nJG412A HP MSR4000 MPU-100 Main Processing Unit\n\nF5000\n SECPATH5000FA_5.20.F3210P20\n JG216A HP F5000 Firewall Standalone Chassis\nJD259A HP A5000-A5 VPN Firewall Chassis\n H3C SecPath F5000-A5 Host System (0150A0AG)\n\nF5000 C\n F5000C_5.20.R3811\n JG650A HP F5000-C VPN Firewall Appliance\n\nF5000 S\n F5000S_5.20.R3811\n JG370A HP F5000-S VPN Firewall Appliance\n\nU200S and CS\n U200S_U200CS_5.20.F5123P27\n JD268A HP 200-CS UTM Appliance\nJD273A HP U200-S UTM Appliance\n H3C SecPath U200-S (0235A36N)\n\nU200A and M\n U200A_U200M_5.20.F5123P27\n JD274A HP 200-M UTM Appliance\nJD275A HP U200-A UTM Appliance\n H3C SecPath U200-A (0235A36Q)\n\nF1000A and S\n AF1000S.EI_3.40.R3734\n JD270A HP S1000-S VPN Firewall Appliance\nJD271A HP S1000-A VPN Firewall Appliance\nJG213A HP F1000-S-EI VPN Firewall Appliance\nJG214A HP F1000-A-EI VPN Firewall Appliance\n\nSecBlade III\n SECBLADEIII.FW_5.20.R3820\n JG371A HP 12500 20Gbps VPN Firewall Module\nJG372A HP 10500/11900/7500 20Gbps VPN FW Mod\n\nSecBlade FW\n SECBLADE2-FW_5.20.R3181\n JC635A HP 12500 VPN Firewall Module\nJD245A HP 9500 VPN Firewall Module\nJD249A HP 10500/7500 Advanced VPN Firewall Mod\nJD250A HP 6600 Firewall Processing Rtr Module\nJD251A HP 8800 Firewall Processing Module\nJD255A HP 5820 VPN Firewall Module\n H3C S9500E SecBlade VPN Firewall Module (0231A0AV)\nH3C S7500E SecBlade VPN Firewall Module (0231A832)\nH3C SR66 Gigabit Firewall Module (0231A88A)\nH3C SR88 Firewall Processing Module (0231A88L)\nH3C S5820 SecBlade VPN Firewall Module (0231A94J)\n\nF1000E\n SECPATH1000FE_5.20.R3181\n JD272A HP S1000-E VPN Firewall Appliance\n\nVSR1000\n VSR1000_7.10.R0203\n JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software\nJG811AAE HP VSR1001 Comware 7 Virtual Services Router\nJG812AAE HP VSR1004 Comware 7 Virtual Services Router\nJG813AAE HP VSR1008 Comware 7 Virtual Services Router\n\nWX5002/5004\n WX5002-WX5004_5.20.R2507P26\n JD441A HP 5800 ACM for 64-256 APs\nJD447B HP WX5002 Access Controller\nJD448A HP A-WX5004 Access Controller\nJD448B HP WX5004 Access Controller\nJD469A HP A-WX5004 (3Com) Access Controller\nJG261A HP 5800 Access Controller OAA TAA Mod\n\nHP 850/870\n 850-870_5.20.R2607P26\n JG723A HP 870 Unified Wired-WLAN Appliance\nJG725A HP 870 Unifd Wrd-WLAN TAA Applnc\nJG722A HP 850 Unified Wired-WLAN Appliance\nJG724A HP 850 Unifd Wrd-WLAN TAA Applnc\n\nHP 830\n 830_5.20.R3507P26\n JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch\nJG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch\nJG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch\nJG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch\n\nHP 6000\n 6000_5.20.R2507P27\n JG639A HP 10500/7500 20G Unified Wired-WLAN Mod\nJG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod\n\nM220\n Fix in progress\nuse mitigations\n J9798A HP M220 802.11n AM Access Point\nJ9799A HP M220 802.11n WW Access Point\n\nNGFW\n The Software Downloads and software release notes for your NGFW Appliance(s)\ncan be acquired with a valid support contract by accessing the Threat\nManagement Center (TMC). In your web browser\nopen https://tmc.tippingpoint.com. \n JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic\nJC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic\nJC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic\nJC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic\nJC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic\n\niMC UAM 7.x\n5.x\n iMC UAM 7.0 (E0203P04)\n JD144A HP IMC UAM S/W Module w/200-User License\nJF388A HP IMC UAM S/W Module w/200-user License\nJD435A HP IMC EAD Client Software\nJF388AAE HP IMC UAM S/W Module w/200-user E-LTU\nJG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU\n\niMC EAD 7.x\n5.x\n iMC EAD v7.1 (E0301)\n JF391AAE HP IMC EAD S/W Module w/200-user E-LTU\nJG754AAE HP IMC EAD SW Module w/ 50-user E-LTU\nJD147A HP IMC Endpoint Admission Defense Software Module with 200-user\nLicense\nJF391A HP IMC EAD S/W Module w/200-user License\n\nHISTORY\nVersion:1 (rev.1) - 20 June 2014 Initial release\nVersion:2 (rev.2) - 20 November 2014 Removed iMC Platform Products, 5900\nvirtual switch, and Router 8800 products. Further analysis revealed that\nthose products as not vulnerable. Added additional products. \n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.19 (GNU/Linux)\n\niEYEARECAAYFAlRuJqYACgkQ4B86/C0qfVkBZwCg+M/bssV0KI2Nfe2delq1N6KO\n2ZUAoKT/5gXpIsdJb4Jyh8GVclzk70rZ\n=9QSF\n-----END PGP SIGNATURE-----\n. OpenSSL Security Advisory [05 Jun 2014]\n========================================\n\nSSL/TLS MITM vulnerability (CVE-2014-0224)\n===========================================\n\nAn attacker using a carefully crafted handshake can force the use of weak\nkeying material in OpenSSL SSL/TLS clients and servers. This can be exploited\nby a Man-in-the-middle (MITM) attack where the attacker can decrypt and \nmodify traffic from the attacked client and server. \n\nThe attack can only be performed between a vulnerable client *and*\nserver. OpenSSL clients are vulnerable in all versions of OpenSSL. Users\nof OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. \n\nOpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. \nOpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. \nOpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h. \n\nThanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 1st May\n2014 via JPCERT/CC. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team partly based\non an original patch from KIKUCHI Masashi. \n\nDTLS recursion flaw (CVE-2014-0221)\n====================================\n\nBy sending an invalid DTLS handshake to an OpenSSL DTLS client the code\ncan be made to recurse eventually crashing in a DoS attack. \n\nOnly applications using OpenSSL as a DTLS client are affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This\nissue was reported to OpenSSL on 9th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nDTLS invalid fragment vulnerability (CVE-2014-0195)\n====================================================\n\nA buffer overrun attack can be triggered by sending invalid DTLS fragments\nto an OpenSSL DTLS client or server. This is potentially exploitable to\nrun arbitrary code on a vulnerable client or server. \n\nOnly applications using OpenSSL as a DTLS client or server affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to J\u00fcri Aedla for reporting this issue. This issue was\nreported to OpenSSL on 23rd April 2014 via HP ZDI. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. This flaw\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is\nenabled, which is not the default and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. The fix was developed by\nMatt Caswell of the OpenSSL development team. \n\nSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n===============================================================================\n \nA race condition in the ssl3_read_bytes function can allow remote\nattackers to inject data across sessions or cause a denial of service. \nThis flaw only affects multithreaded applications using OpenSSL 1.0.0\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the\ndefault and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. \n\nAnonymous ECDH denial of service (CVE-2014-3470)\n================================================\n\nOpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a\ndenial of service attack. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8za\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this\nissue. This issue was reported to OpenSSL on 28th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOther issues\n============\n\nOpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for\nCVE-2014-0076: Fix for the attack described in the paper \"Recovering\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\nReported by Yuval Yarom and Naomi Benger. This issue was previously\nfixed in OpenSSL 1.0.1g. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20140605.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. Relevant releases/architectures:\n\nRed Hat Storage Server 2.1 - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A specially crafted DTLS handshake packet could cause\na DTLS client using OpenSSL to crash. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, J\u00fcri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGr\u00f6bert and Ivan Fratri\u0107 of Google as the original reporters of\nCVE-2014-3470. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Package List:\n\nRed Hat Storage Server 2.1:\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0198"
},
{
"db": "BID",
"id": "67193"
},
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "PACKETSTORM",
"id": "126710"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "126532"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126930"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0198",
"trust": 3.2
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 2.0
},
{
"db": "BID",
"id": "67193",
"trust": 2.0
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59284",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60049",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60066",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58667",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59374",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59264",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59529",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59398",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59202",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59190",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59282",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59163",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59525",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-234763",
"trust": 1.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03G",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10643",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03F",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03C",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03D",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0198",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126710",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126532",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127326",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127045",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129218",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126930",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "BID",
"id": "67193"
},
{
"db": "PACKETSTORM",
"id": "126710"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "126532"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"id": "VAR-201405-0244",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.416493127826087
},
"last_update_date": "2024-07-23T22:12:00.239000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ssl-s3_pkt.c",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49771"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/10/fireeye_patches_os_torpedo_exploitdb_disclosure/"
},
{
"title": "Debian Security Advisories: DSA-2931-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=828d990b615b0dfea284a3530e6fe590"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2192-1"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0198 Null pointer dereference bug in OpenSSL 1.0.1g and earlier",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=94b6140bb563b66b3bcd98992e854bf3"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b92b65104373bc8476811ff1b99cd369"
},
{
"title": "Red Hat: CVE-2014-0198",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0198"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 2.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 2.0,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 2.0,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html"
},
{
"trust": 2.0,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 2.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 2.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 2.0,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.8,
"url": "http://advisories.mageia.org/mgasa-2014-0204.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1093837"
},
{
"trust": 1.7,
"url": "http://www.openbsd.org/errata55.html#005_openssl"
},
{
"trust": 1.7,
"url": "https://rt.openssl.org/ticket/display.html?user=guest\u0026pass=guest\u0026id=3321"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2014/dsa-2931"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html"
},
{
"trust": 1.7,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.7,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60049"
},
{
"trust": 1.7,
"url": "http://puppetlabs.com/security/cve/cve-2014-0198"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60066"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.7,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/67193"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:080"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59529"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59525"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59398"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59374"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59284"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59282"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59264"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59202"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59190"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59163"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58667"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03g"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0198_buffer_errors"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29217"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://www.cerberusftp.com/products/releasenotes.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10643\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://anoncvs.estpak.ee/cgi-bin/cgit/openbsd-src/commit/lib/libssl?id=e76e308f1fab2253ab5b4ef52a1865c5ffecdf21"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/may/67"
},
{
"trust": 0.3,
"url": "http://ftp.openbsd.org/pub/openbsd/patches/5.5/common/005_openssl.patch.sig"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180978"
},
{
"trust": 0.3,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-03"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03d"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368264"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347622"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004830"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690128"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03b"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03f"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-2931"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2192-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34106"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-f6c141a7feeb4a358bbb28300f"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3470"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/products/service_pack/hpsu"
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2077359"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/patchmgr/download.portal"
},
{
"trust": 0.1,
"url": "https://tmc.tippingpoint.com."
},
{
"trust": 0.1,
"url": "http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid="
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8208c3987b1b4a5093f3e8fcc3"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0198.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/906703"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2010-5298.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0628.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3470.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0195.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "BID",
"id": "67193"
},
{
"db": "PACKETSTORM",
"id": "126710"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "126532"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "BID",
"id": "67193"
},
{
"db": "PACKETSTORM",
"id": "126710"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "126532"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"date": "2014-05-02T00:00:00",
"db": "BID",
"id": "67193"
},
{
"date": "2014-05-19T17:01:19",
"db": "PACKETSTORM",
"id": "126710"
},
{
"date": "2014-06-25T21:32:38",
"db": "PACKETSTORM",
"id": "127213"
},
{
"date": "2014-05-08T17:00:26",
"db": "PACKETSTORM",
"id": "126532"
},
{
"date": "2014-08-08T21:53:16",
"db": "PACKETSTORM",
"id": "127807"
},
{
"date": "2014-07-28T20:36:25",
"db": "PACKETSTORM",
"id": "127630"
},
{
"date": "2017-01-25T21:54:44",
"db": "PACKETSTORM",
"id": "140720"
},
{
"date": "2014-07-02T21:43:37",
"db": "PACKETSTORM",
"id": "127326"
},
{
"date": "2014-06-11T23:18:46",
"db": "PACKETSTORM",
"id": "127045"
},
{
"date": "2014-11-21T18:56:39",
"db": "PACKETSTORM",
"id": "129218"
},
{
"date": "2014-06-05T21:13:52",
"db": "PACKETSTORM",
"id": "126961"
},
{
"date": "2014-06-27T18:43:23",
"db": "PACKETSTORM",
"id": "127265"
},
{
"date": "2014-06-05T15:19:35",
"db": "PACKETSTORM",
"id": "126930"
},
{
"date": "2014-05-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"date": "2014-05-06T10:44:05.470000",
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"date": "2017-05-23T16:24:00",
"db": "BID",
"id": "67193"
},
{
"date": "2022-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"date": "2022-08-29T20:50:31.340000",
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL \u2018 do_ssl3_write \u2018Function buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
}
],
"trust": 0.6
}
}
VAR-202203-0664
Vulnerability from variot - Updated: 2024-07-23 21:44BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. (CVE-2021-25220) By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. (CVE-2022-2795) By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38177) By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38178). ========================================================================== Ubuntu Security Notice USN-5332-1 March 17, 2022
bind9 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in Bind.
Software Description: - bind9: Internet Domain Name Server
Details:
Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. (CVE-2021-25220)
It was discovered that Bind incorrectly handled certain crafted TCP streams. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 21.10. (CVE-2022-0396)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.10: bind9 1:9.16.15-1ubuntu1.2
Ubuntu 20.04 LTS: bind9 1:9.16.1-0ubuntu2.10
Ubuntu 18.04 LTS: bind9 1:9.11.3+dfsg-1ubuntu1.17
In general, a standard system update will make all the necessary changes.
For the oldstable distribution (buster), this problem has been fixed in version 1:9.11.5.P4+dfsg-5.1+deb10u7.
For the stable distribution (bullseye), this problem has been fixed in version 1:9.16.27-1~deb11u1.
We recommend that you upgrade your bind9 packages.
For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/bind9
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmI010UACgkQEMKTtsN8 Tjbp3xAAil38qfAIdNkaIxY2bauvTyZDWzr6KUjph0vzmLEoAFQ3bysVSGlCnZk9 IgdyfPRWQ+Bjau1/dlhNYaTlnQajbeyvCXfJcjRRgtUDCp7abZcOcb1WDu8jWLGW iRtKsvKKrTKkIou5LgDlyqZyf6OzjgRdwtm86GDPQiCaSEpmbRt+APj5tkIA9R1G ELWuZsjbIraBU0TsNfOalgNpAWtSBayxKtWB69J8rxUV69JI194A4AJ0wm9SPpFV G/TzlyHp1dUZJRLNmZOZU/dq4pPsXzh9I4QCg1kJWsVHe2ycAJKho6hr5iy43fNl MuokfI9YnU6/9SjHrQAWp1X/6MYCR8NieJ933W89/Zb8eTjTZC8EQGo6fkA287G8 glQOrJHMQyV+b97lT67+ioTHNzTEBXTih7ZDeC1TlLqypCNYhRF/ll0Hx/oeiJFU rbjh2Og9huhD5JH8z8YAvY2g81e7KdPxazuKJnQpxGutqddCuwBvyI9fovYrah9W bYD6rskLZM2x90RI2LszHisl6FV5k37PaczamlRqGgbbMb9YlnDFjJUbM8rZZgD4 +8u/AkHq2+11pTtZ40NYt1gpdidmIC/gzzha2TfZCHMs44KPMMdH+Fid1Kc6/Cq8 QygtL4M387J9HXUrlN7NDUOrDVuVqfBG+ve3i9GCZzYjwtajTAQ= =6st2 -----END PGP SIGNATURE----- . 8) - aarch64, ppc64le, s390x, x86_64
-
8) - aarch64, noarch, ppc64le, s390x, x86_64
-
Gentoo Linux Security Advisory GLSA 202210-25
https://security.gentoo.org/
Severity: Low Title: ISC BIND: Multiple Vulnerabilities Date: October 31, 2022 Bugs: #820563, #835439, #872206 ID: 202210-25
Synopsis
Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind < 9.16.33 >= 9.16.33 2 net-dns/bind-tools < 9.16.33 >= 9.16.33
Description
Multiple vulnerabilities have been discovered in ISC BIND. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ISC BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.16.33"
All ISC BIND-tools users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-tools-9.16.33"
References
[ 1 ] CVE-2021-25219 https://nvd.nist.gov/vuln/detail/CVE-2021-25219 [ 2 ] CVE-2021-25220 https://nvd.nist.gov/vuln/detail/CVE-2021-25220 [ 3 ] CVE-2022-0396 https://nvd.nist.gov/vuln/detail/CVE-2022-0396 [ 4 ] CVE-2022-2795 https://nvd.nist.gov/vuln/detail/CVE-2022-2795 [ 5 ] CVE-2022-2881 https://nvd.nist.gov/vuln/detail/CVE-2022-2881 [ 6 ] CVE-2022-2906 https://nvd.nist.gov/vuln/detail/CVE-2022-2906 [ 7 ] CVE-2022-3080 https://nvd.nist.gov/vuln/detail/CVE-2022-3080 [ 8 ] CVE-2022-38177 https://nvd.nist.gov/vuln/detail/CVE-2022-38177 [ 9 ] CVE-2022-38178 https://nvd.nist.gov/vuln/detail/CVE-2022-38178
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202210-25
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: bind security update Advisory ID: RHSA-2023:0402-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0402 Issue date: 2023-01-24 CVE Names: CVE-2021-25220 CVE-2022-2795 ==================================================================== 1. Summary:
An update for bind is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
-
bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)
-
bind: processing large delegations may severely degrade resolver performance (CVE-2022-2795)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability 2128584 - CVE-2022-2795 bind: processing large delegations may severely degrade resolver performance
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: bind-9.11.4-26.P2.el7_9.13.src.rpm
noarch: bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm
x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: bind-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: bind-9.11.4-26.P2.el7_9.13.src.rpm
noarch: bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm
x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: bind-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: bind-9.11.4-26.P2.el7_9.13.src.rpm
noarch: bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm
ppc64: bind-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.ppc.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-libs-9.11.4-26.P2.el7_9.13.ppc.rpm bind-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.ppc.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-utils-9.11.4-26.P2.el7_9.13.ppc64.rpm
ppc64le: bind-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-chroot-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-utils-9.11.4-26.P2.el7_9.13.ppc64le.rpm
s390x: bind-9.11.4-26.P2.el7_9.13.s390x.rpm bind-chroot-9.11.4-26.P2.el7_9.13.s390x.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.s390.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.s390x.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.s390.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.s390x.rpm bind-libs-9.11.4-26.P2.el7_9.13.s390.rpm bind-libs-9.11.4-26.P2.el7_9.13.s390x.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.s390.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.s390x.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.s390x.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.s390.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.s390x.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.s390x.rpm bind-utils-9.11.4-26.P2.el7_9.13.s390x.rpm
x86_64: bind-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-devel-9.11.4-26.P2.el7_9.13.ppc.rpm bind-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.ppc.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.ppc.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.ppc64.rpm
ppc64le: bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-sdb-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.ppc64le.rpm
s390x: bind-debuginfo-9.11.4-26.P2.el7_9.13.s390.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.s390x.rpm bind-devel-9.11.4-26.P2.el7_9.13.s390.rpm bind-devel-9.11.4-26.P2.el7_9.13.s390x.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.s390.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.s390x.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.s390.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.s390x.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.s390.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.s390x.rpm bind-sdb-9.11.4-26.P2.el7_9.13.s390x.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.s390x.rpm
x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: bind-9.11.4-26.P2.el7_9.13.src.rpm
noarch: bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm
x86_64: bind-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-25220 https://access.redhat.com/security/cve/CVE-2022-2795 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBY9AIs9zjgjWX9erEAQiz9BAAiQvmAQ5DWdOQbHHizPAHBnKnBtNBfCT3 iaAzKQ0Yrpk26N9cdrvcBJwdrHpI28VJ3eemFUxQFseUqtAErsgfL4QqnjPjQgsp U2qLPjqbzfOrbi1CuruMMIIbtxfwvsdic8OB9Zi7XzfZjWm2X4c6Ima+QXol6x9a 8J2qdzCqhoYUXJgdpVK9nAAGsPtidcnqLYYIcTclJArp6uRSlEEk7EbNJvs2SAbj MUo5aq5BoVy2TkiMyqhT5voy6K8f4c7WbQYerNieps18541ZSr29fAzWBznr3Yns gE10Aaoa8uCxlaexFR8EahPVYe6wJAm6R62LBabEWChbzW0oxr7X2DdzX9eiOwl0 wJT0n4GHoFsCGMa+v1yybkjHIUfiW25WC7bC4QDj4fjTpbicVlnttXhQJwCJK5bb PC27GE6qi7EqwHYJa/jPenbIG38mXj/r2bwIr1qYQMLjQ8BQIneShky3ZWE4l/jd zTMwGVal8ACBYdCALx/O9QNyzaO92xHLnKl3DIoqaQdjasIfGp/G6Xc1YggKyZAP VVtXPiOIbReBVNWiBXMH1ZEQeNon4su0/MbMWrmJpwvEzYeXkuWO98LZ4dlLVuim NG/dJ6RqzT6/aqRNVyOt5s4SLIQ5DrPXoPnZRUBsbpWhP6lxPhESKA0TUg5FYz33 eDGIrZR4jEY=azJw -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Description:
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.
The following advisory data is extracted from:
https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2720.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-0664",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.16.8"
},
{
"model": "bind",
"scope": "lt",
"trust": 1.0,
"vendor": "isc",
"version": "9.16.27"
},
{
"model": "h700s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "19.4"
},
{
"model": "h700e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "h500e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "20.3"
},
{
"model": "h300e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "19.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "21.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "20.2"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.18.0"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.0"
},
{
"model": "h300s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "junos",
"scope": "lt",
"trust": 1.0,
"vendor": "juniper",
"version": "19.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "21.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "21.1"
},
{
"model": "bind",
"scope": "lt",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.37"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "22.1"
},
{
"model": "h410s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.12.0"
},
{
"model": "sinec ins",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "21.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "22.2"
},
{
"model": "h500s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.17.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.4"
},
{
"model": "h410c",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "sinec ins",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "20.4"
},
{
"model": "bind",
"scope": null,
"trust": 0.8,
"vendor": "isc",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "esmpro/serveragent",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.16.27",
"versionStartIncluding": "9.16.8",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.11.37",
"versionStartIncluding": "9.11.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.16.27",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.11.37",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.18.0",
"versionStartIncluding": "9.17.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3-s5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3-s6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
}
],
"trust": 0.6
},
"cve": "CVE-2021-25220",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-25220",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2021-25220",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 8.6,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-25220",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-25220",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "security-officer@isc.org",
"id": "CVE-2021-25220",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-25220",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-1514",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-25220",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BIND 9.11.0 -\u003e 9.11.36 9.12.0 -\u003e 9.16.26 9.17.0 -\u003e 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -\u003e 9.11.36-S1 9.16.8-S1 -\u003e 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. (CVE-2021-25220)\nBy flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver\u0027s performance, effectively denying legitimate clients access to the DNS resolution service. (CVE-2022-2795)\nBy spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38177)\nBy spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38178). ==========================================================================\nUbuntu Security Notice USN-5332-1\nMarch 17, 2022\n\nbind9 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Bind. \n\nSoftware Description:\n- bind9: Internet Domain Name Server\n\nDetails:\n\nXiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind\nincorrectly handled certain bogus NS records when using forwarders. A\nremote attacker could possibly use this issue to manipulate cache results. \n(CVE-2021-25220)\n\nIt was discovered that Bind incorrectly handled certain crafted TCP\nstreams. A remote attacker could possibly use this issue to cause Bind to\nconsume resources, leading to a denial of service. This issue only affected\nUbuntu 21.10. (CVE-2022-0396)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.10:\n bind9 1:9.16.15-1ubuntu1.2\n\nUbuntu 20.04 LTS:\n bind9 1:9.16.1-0ubuntu2.10\n\nUbuntu 18.04 LTS:\n bind9 1:9.11.3+dfsg-1ubuntu1.17\n\nIn general, a standard system update will make all the necessary changes. \n\nFor the oldstable distribution (buster), this problem has been fixed\nin version 1:9.11.5.P4+dfsg-5.1+deb10u7. \n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 1:9.16.27-1~deb11u1. \n\nWe recommend that you upgrade your bind9 packages. \n\nFor the detailed security status of bind9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/bind9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmI010UACgkQEMKTtsN8\nTjbp3xAAil38qfAIdNkaIxY2bauvTyZDWzr6KUjph0vzmLEoAFQ3bysVSGlCnZk9\nIgdyfPRWQ+Bjau1/dlhNYaTlnQajbeyvCXfJcjRRgtUDCp7abZcOcb1WDu8jWLGW\niRtKsvKKrTKkIou5LgDlyqZyf6OzjgRdwtm86GDPQiCaSEpmbRt+APj5tkIA9R1G\nELWuZsjbIraBU0TsNfOalgNpAWtSBayxKtWB69J8rxUV69JI194A4AJ0wm9SPpFV\nG/TzlyHp1dUZJRLNmZOZU/dq4pPsXzh9I4QCg1kJWsVHe2ycAJKho6hr5iy43fNl\nMuokfI9YnU6/9SjHrQAWp1X/6MYCR8NieJ933W89/Zb8eTjTZC8EQGo6fkA287G8\nglQOrJHMQyV+b97lT67+ioTHNzTEBXTih7ZDeC1TlLqypCNYhRF/ll0Hx/oeiJFU\nrbjh2Og9huhD5JH8z8YAvY2g81e7KdPxazuKJnQpxGutqddCuwBvyI9fovYrah9W\nbYD6rskLZM2x90RI2LszHisl6FV5k37PaczamlRqGgbbMb9YlnDFjJUbM8rZZgD4\n+8u/AkHq2+11pTtZ40NYt1gpdidmIC/gzzha2TfZCHMs44KPMMdH+Fid1Kc6/Cq8\nQygtL4M387J9HXUrlN7NDUOrDVuVqfBG+ve3i9GCZzYjwtajTAQ=\n=6st2\n-----END PGP SIGNATURE-----\n. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202210-25\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: ISC BIND: Multiple Vulnerabilities\n Date: October 31, 2022\n Bugs: #820563, #835439, #872206\n ID: 202210-25\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in ISC BIND, the worst of\nwhich could result in denial of service. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.16.33 \u003e= 9.16.33\n 2 net-dns/bind-tools \u003c 9.16.33 \u003e= 9.16.33\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ISC BIND. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ISC BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.16.33\"\n\nAll ISC BIND-tools users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-tools-9.16.33\"\n\nReferences\n==========\n\n[ 1 ] CVE-2021-25219\n https://nvd.nist.gov/vuln/detail/CVE-2021-25219\n[ 2 ] CVE-2021-25220\n https://nvd.nist.gov/vuln/detail/CVE-2021-25220\n[ 3 ] CVE-2022-0396\n https://nvd.nist.gov/vuln/detail/CVE-2022-0396\n[ 4 ] CVE-2022-2795\n https://nvd.nist.gov/vuln/detail/CVE-2022-2795\n[ 5 ] CVE-2022-2881\n https://nvd.nist.gov/vuln/detail/CVE-2022-2881\n[ 6 ] CVE-2022-2906\n https://nvd.nist.gov/vuln/detail/CVE-2022-2906\n[ 7 ] CVE-2022-3080\n https://nvd.nist.gov/vuln/detail/CVE-2022-3080\n[ 8 ] CVE-2022-38177\n https://nvd.nist.gov/vuln/detail/CVE-2022-38177\n[ 9 ] CVE-2022-38178\n https://nvd.nist.gov/vuln/detail/CVE-2022-38178\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202210-25\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: bind security update\nAdvisory ID: RHSA-2023:0402-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2023:0402\nIssue date: 2023-01-24\nCVE Names: CVE-2021-25220 CVE-2022-2795\n====================================================================\n1. Summary:\n\nAn update for bind is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\n* bind: processing large delegations may severely degrade resolver\nperformance (CVE-2022-2795)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability\n2128584 - CVE-2022-2795 bind: processing large delegations may severely degrade resolver performance\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nbind-9.11.4-26.P2.el7_9.13.src.rpm\n\nnoarch:\nbind-license-9.11.4-26.P2.el7_9.13.noarch.rpm\n\nx86_64:\nbind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nbind-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nbind-9.11.4-26.P2.el7_9.13.src.rpm\n\nnoarch:\nbind-license-9.11.4-26.P2.el7_9.13.noarch.rpm\n\nx86_64:\nbind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nbind-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nbind-9.11.4-26.P2.el7_9.13.src.rpm\n\nnoarch:\nbind-license-9.11.4-26.P2.el7_9.13.noarch.rpm\n\nppc64:\nbind-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-chroot-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-pkcs11-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-pkcs11-utils-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-utils-9.11.4-26.P2.el7_9.13.ppc64.rpm\n\nppc64le:\nbind-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-chroot-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-pkcs11-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-pkcs11-utils-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-utils-9.11.4-26.P2.el7_9.13.ppc64le.rpm\n\ns390x:\nbind-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-chroot-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-pkcs11-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-pkcs11-utils-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-utils-9.11.4-26.P2.el7_9.13.s390x.rpm\n\nx86_64:\nbind-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbind-debuginfo-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-sdb-9.11.4-26.P2.el7_9.13.ppc64.rpm\nbind-sdb-chroot-9.11.4-26.P2.el7_9.13.ppc64.rpm\n\nppc64le:\nbind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-sdb-9.11.4-26.P2.el7_9.13.ppc64le.rpm\nbind-sdb-chroot-9.11.4-26.P2.el7_9.13.ppc64le.rpm\n\ns390x:\nbind-debuginfo-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.s390.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-sdb-9.11.4-26.P2.el7_9.13.s390x.rpm\nbind-sdb-chroot-9.11.4-26.P2.el7_9.13.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nbind-9.11.4-26.P2.el7_9.13.src.rpm\n\nnoarch:\nbind-license-9.11.4-26.P2.el7_9.13.noarch.rpm\n\nx86_64:\nbind-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm\nbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm\nbind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-25220\nhttps://access.redhat.com/security/cve/CVE-2022-2795\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2023 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBY9AIs9zjgjWX9erEAQiz9BAAiQvmAQ5DWdOQbHHizPAHBnKnBtNBfCT3\niaAzKQ0Yrpk26N9cdrvcBJwdrHpI28VJ3eemFUxQFseUqtAErsgfL4QqnjPjQgsp\nU2qLPjqbzfOrbi1CuruMMIIbtxfwvsdic8OB9Zi7XzfZjWm2X4c6Ima+QXol6x9a\n8J2qdzCqhoYUXJgdpVK9nAAGsPtidcnqLYYIcTclJArp6uRSlEEk7EbNJvs2SAbj\nMUo5aq5BoVy2TkiMyqhT5voy6K8f4c7WbQYerNieps18541ZSr29fAzWBznr3Yns\ngE10Aaoa8uCxlaexFR8EahPVYe6wJAm6R62LBabEWChbzW0oxr7X2DdzX9eiOwl0\nwJT0n4GHoFsCGMa+v1yybkjHIUfiW25WC7bC4QDj4fjTpbicVlnttXhQJwCJK5bb\nPC27GE6qi7EqwHYJa/jPenbIG38mXj/r2bwIr1qYQMLjQ8BQIneShky3ZWE4l/jd\nzTMwGVal8ACBYdCALx/O9QNyzaO92xHLnKl3DIoqaQdjasIfGp/G6Xc1YggKyZAP\nVVtXPiOIbReBVNWiBXMH1ZEQeNon4su0/MbMWrmJpwvEzYeXkuWO98LZ4dlLVuim\nNG/dJ6RqzT6/aqRNVyOt5s4SLIQ5DrPXoPnZRUBsbpWhP6lxPhESKA0TUg5FYz33\neDGIrZR4jEY=azJw\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress. The dhcp packages provide a relay agent and ISC DHCP service\nrequired to enable and administer DHCP on a network. \n\nThe following advisory data is extracted from:\n\nhttps://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2720.json\n\nRed Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat\u0027s archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-25220"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
},
{
"db": "PACKETSTORM",
"id": "169261"
},
{
"db": "PACKETSTORM",
"id": "169745"
},
{
"db": "PACKETSTORM",
"id": "169773"
},
{
"db": "PACKETSTORM",
"id": "169587"
},
{
"db": "PACKETSTORM",
"id": "170724"
},
{
"db": "PACKETSTORM",
"id": "169846"
},
{
"db": "PACKETSTORM",
"id": "178475"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-25220",
"trust": 4.2
},
{
"db": "SIEMENS",
"id": "SSA-637483",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-22-258-05",
"trust": 1.5
},
{
"db": "JVN",
"id": "JVNVU99475301",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU98927070",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "166356",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169773",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169587",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "170724",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169846",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.1150",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.5750",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4616",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1223",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1289",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2694",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1183",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1160",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032124",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031701",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031728",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "169894",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-25220",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166354",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169261",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169745",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "178475",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
},
{
"db": "PACKETSTORM",
"id": "169261"
},
{
"db": "PACKETSTORM",
"id": "169745"
},
{
"db": "PACKETSTORM",
"id": "169773"
},
{
"db": "PACKETSTORM",
"id": "169587"
},
{
"db": "PACKETSTORM",
"id": "170724"
},
{
"db": "PACKETSTORM",
"id": "169846"
},
{
"db": "PACKETSTORM",
"id": "178475"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"id": "VAR-202203-0664",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.20766129
},
"last_update_date": "2024-07-23T21:44:12.287000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NV22-009",
"trust": 0.8,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/api7u5e7sx7baavfnw366ffjgd6nzzkv/"
},
{
"title": "Ubuntu Security Notice: USN-5332-2: Bind vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5332-2"
},
{
"title": "Red Hat: Moderate: dhcp security and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20228385 - security advisory"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20227790 - security advisory"
},
{
"title": "Ubuntu Security Notice: USN-5332-1: Bind vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5332-1"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20228068 - security advisory"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20230402 - security advisory"
},
{
"title": "Debian Security Advisories: DSA-5105-1 bind9 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=16d84b908a424f50b3236db9219500e3"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2021-25220"
},
{
"title": "Amazon Linux 2: ALAS2-2023-2001",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2023-2001"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-166",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-166"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-138",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-138"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2021-25220 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-444",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://kb.isc.org/v1/docs/cve-2021-25220"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/202210-25"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20220408-0001/"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25220"
},
{
"trust": 1.6,
"url": "https://supportportal.juniper.net/s/article/2022-10-security-bulletin-junos-os-srx-series-cache-poisoning-vulnerability-in-bind-used-by-dns-proxy-cve-2021-25220?language=en_us"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/security/cve/cve-2021-25220"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2sxt7247qtknbq67mnrgzd23adxu6e5u/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5vx3i2u3icoiei5y7oya6cholfmnh3yq/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/api7u5e7sx7baavfnw366ffjgd6nzzkv/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/de3uavcpumakg27zl5yxsp2c3riow3jz/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/nyd7us4hzrfugaj66zthfbyvp5n3oqby/"
},
{
"trust": 0.9,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98927070/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99475301/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/nyd7us4hzrfugaj66zthfbyvp5n3oqby/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/api7u5e7sx7baavfnw366ffjgd6nzzkv/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5vx3i2u3icoiei5y7oya6cholfmnh3yq/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2sxt7247qtknbq67mnrgzd23adxu6e5u/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/de3uavcpumakg27zl5yxsp2c3riow3jz/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169846/red-hat-security-advisory-2022-8385-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1223"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1289"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/isc-bind-spoofing-via-dns-forwarders-cache-poisoning-37754"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4616"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169894/red-hat-security-advisory-2022-8068-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031728"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166356/ubuntu-security-notice-usn-5332-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1150"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1183"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1160"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169773/red-hat-security-advisory-2022-7643-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/170724/red-hat-security-advisory-2023-0402-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169587/gentoo-linux-security-advisory-202210-25.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-25220/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-258-05"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.5750"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031701"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2694"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032124"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0396"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-5332-2"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-5332-1"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2795"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2021-25220"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://alas.aws.amazon.com/al2/alas-2023-2001.html"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.16.1-0ubuntu2.10"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.16.15-1ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.11.3+dfsg-1ubuntu1.17"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/bind9"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7790"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0396"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-38178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2906"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2881"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-3080"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-38177"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0402"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2795"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8385"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2024:2720"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128584"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263896"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064512"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164032"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2720.json"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
},
{
"db": "PACKETSTORM",
"id": "169261"
},
{
"db": "PACKETSTORM",
"id": "169745"
},
{
"db": "PACKETSTORM",
"id": "169773"
},
{
"db": "PACKETSTORM",
"id": "169587"
},
{
"db": "PACKETSTORM",
"id": "170724"
},
{
"db": "PACKETSTORM",
"id": "169846"
},
{
"db": "PACKETSTORM",
"id": "178475"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
},
{
"db": "PACKETSTORM",
"id": "169261"
},
{
"db": "PACKETSTORM",
"id": "169745"
},
{
"db": "PACKETSTORM",
"id": "169773"
},
{
"db": "PACKETSTORM",
"id": "169587"
},
{
"db": "PACKETSTORM",
"id": "170724"
},
{
"db": "PACKETSTORM",
"id": "169846"
},
{
"db": "PACKETSTORM",
"id": "178475"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"date": "2022-05-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"date": "2022-03-17T15:54:34",
"db": "PACKETSTORM",
"id": "166356"
},
{
"date": "2022-03-17T15:54:20",
"db": "PACKETSTORM",
"id": "166354"
},
{
"date": "2022-03-28T19:12:00",
"db": "PACKETSTORM",
"id": "169261"
},
{
"date": "2022-11-08T13:44:36",
"db": "PACKETSTORM",
"id": "169745"
},
{
"date": "2022-11-08T13:49:24",
"db": "PACKETSTORM",
"id": "169773"
},
{
"date": "2022-10-31T14:50:53",
"db": "PACKETSTORM",
"id": "169587"
},
{
"date": "2023-01-25T16:07:50",
"db": "PACKETSTORM",
"id": "170724"
},
{
"date": "2022-11-15T16:40:52",
"db": "PACKETSTORM",
"id": "169846"
},
{
"date": "2024-05-09T15:16:06",
"db": "PACKETSTORM",
"id": "178475"
},
{
"date": "2022-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"date": "2022-03-23T13:15:07.680000",
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-28T00:00:00",
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"date": "2022-09-20T06:12:00",
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"date": "2023-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"date": "2023-11-09T14:44:33.733000",
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BIND\u00a0 Cache Pollution with Incorrect Records Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "environmental issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
}
],
"trust": 0.6
}
}
VAR-201207-0279
Vulnerability from variot - Updated: 2024-07-23 21:31ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries. ISC BIND is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause an assertion failure in the 'named' process, denying service to legitimate users. This issue may also be exploited to disclose certain memory information to clients. The following versions are affected: BIND 9.6-ESV-R1 through versions 9.6-ESV-R7-P1 BIND 9.7.1 through versions 9.7.6-P1 BIND 9.8.0 through versions 9.8.3-P1 BIND 9.9.0 through versions 9.9.1-P1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
============================================================================= FreeBSD-SA-12:05.bind Security Advisory The FreeBSD Project
Topic: named(8) DNSSEC validation Denial of Service
Category: contrib Module: bind Announced: 2012-08-06 Credits: Einar Lonn of IIS.se Affects: All supported versions of FreeBSD Corrected: 2012-08-06 21:33:11 UTC (RELENG_7, 7.4-STABLE) 2012-08-06 21:33:11 UTC (RELENG_7_4, 7.4-RELEASE-p10) 2012-07-24 19:04:35 UTC (RELENG_8, 8.3-STABLE) 2012-08-06 21:33:11 UTC (RELENG_8_3, 8.3-RELEASE-p4) 2012-08-06 21:33:11 UTC (RELENG_8_2, 8.2-RELEASE-p10) 2012-08-06 21:33:11 UTC (RELENG_8_1, 8.1-RELEASE-p13) 2012-07-24 22:32:03 UTC (RELENG_9, 9.1-PRERELEASE) 2012-08-06 21:33:11 UTC (RELENG_9_0, 9.0-RELEASE-p4) CVE Name: CVE-2012-3817
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
DNS Security Extensions (DNSSEC) provides data integrity, origin authentication and authenticated denial of existence to resolvers.
II. Problem Description
BIND 9 stores a cache of query names that are known to be failing due to misconfigured name servers or a broken chain of trust.
III.
IV. Workaround
No workaround is available, but systems not running the BIND resolving name server with dnssec-validation enabled are not affected.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 7-STABLE, 8-STABLE, or 9-STABLE, or to the RELENG_7_4, RELENG_8_3, RELENG_8_2, RELENG_8_1, or RELENG_9_0 security branch dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to FreeBSD 7.4, 8.3, 8.2, 8.1 and 9.0 systems.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch http://security.FreeBSD.org/patches/SA-12:05/bind.patch
fetch http://security.FreeBSD.org/patches/SA-12:05/bind.patch.asc
b) Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
cd /usr/src/lib/bind/dns
make obj && make depend && make && make install
cd /usr/src/usr.sbin/named
make obj && make depend && make && make install
3) To update your vulnerable system via a binary patch:
Systems running 7.4-RELEASE, 8.3-RELEASE, 8.2-RELEASE, 8.1-RELEASE, or 9.0-RELEASE on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
4) Install and run BIND from the Ports Collection after the correction date. Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.
CVS:
Branch Revision Path
RELENG_7 src/contrib/bind9/lib/dns/resolver.c 1.1.1.9.2.11 RELENG_7_4 src/UPDATING 1.507.2.36.2.12 src/sys/conf/newvers.sh 1.72.2.18.2.15 src/contrib/bind9/lib/dns/resolver.c 1.1.1.9.2.8.2.1 RELENG_8 src/contrib/bind9/CHANGES 1.9.2.15 src/contrib/bind9/lib/dns/resolver.c 1.3.2.6 src/contrib/bind9/lib/dns/zone.c 1.6.2.10 src/contrib/bind9/lib/isc/random.c 1.2.2.4 src/contrib/bind9/version 1.9.2.15 RELENG_8_3 src/UPDATING 1.632.2.26.2.6 src/sys/conf/newvers.sh 1.83.2.15.2.8 src/contrib/bind9/lib/dns/resolver.c 1.6.2.7.2.1 RELENG_8_2 src/UPDATING 1.632.2.19.2.12 src/sys/conf/newvers.sh 1.83.2.12.2.15 src/contrib/bind9/lib/dns/resolver.c 1.6.2.4.2.1 RELENG_8_1 src/UPDATING 1.632.2.14.2.16 src/sys/conf/newvers.sh 1.83.2.10.2.17 src/contrib/bind9/lib/dns/resolver.c 1.6.2.3.2.1 RELENG_9 src/contrib/bind9/CHANGES 1.21.2.5 src/contrib/bind9/lib/dns/resolver.c 1.15.2.3 src/contrib/bind9/lib/dns/zone.c 1.7.2.3 src/contrib/bind9/version 1.21.2.5 RELENG_9_0 src/UPDATING 1.702.2.4.2.6 src/sys/conf/newvers.sh 1.95.2.4.2.8 src/contrib/bind9/lib/dns/resolver.c 1.15.4.1
Subversion:
Branch/path Revision
stable/7/ r239108 releng/7.4/ r239108 stable/8/ r238749 releng/8.3/ r239108 releng/8.2/ r239108 releng/8.1/ r239108 stable/9/ r238756 releng/9.0/ r239108
VII. The verification of md5 checksums and GPG signatures is performed automatically for you.
Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+ patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz: Upgraded. IMPORTANT NOTE: This package updates BIND from 9.7.6_P4 to 9.8.4_P1 since the 9.7 series is no longer supported. It is possible that some changes may be required to your local configuration. This release addresses some denial-of-service and other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.8.4_P1-i486-1_slack12.1.tgz
Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.8.4_P1-i486-1_slack12.2.tgz
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.8.4_P1-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.8.4_P1-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.8.4_P1-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.2_P1-x86_64-1_slack14.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.9.2_P1-i486-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.9.2_P1-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 12.1 package: 2df945fd92d480df98711992180cdd70 bind-9.8.4_P1-i486-1_slack12.1.tgz
Slackware 12.2 package: ddf762702befde00ab86cda1a5766bbd bind-9.8.4_P1-i486-1_slack12.2.tgz
Slackware 13.0 package: b6c9a8f1262bd39db2dd77034f58e568 bind-9.8.4_P1-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: b35c20ad9778035c7e04ef2944375608 bind-9.8.4_P1-x86_64-1_slack13.0.txz
Slackware 13.1 package: a6b061aeb84003ea7b6ddcc157e0db65 bind-9.8.4_P1-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 54ee26b4924ab502eedfd024d83db20e bind-9.8.4_P1-x86_64-1_slack13.1.txz
Slackware 13.37 package: 04d40ede0a96160e79767bf995469773 bind-9.8.4_P1-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: f4635df06e3c0f62f035d00e15b0f5fb bind-9.8.4_P1-x86_64-1_slack13.37.txz
Slackware 14.0 package: 66612ea03941fc8ef5ef21409ecc6fe3 bind-9.9.2_P1-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 6f664fe7e955c0dbe806a63ad9212c00 bind-9.9.2_P1-x86_64-1_slack14.0.txz
Slackware -current package: 83bc10ca67bede66bf742a7d0ab6e628 n/bind-9.9.2_P1-i486-1.txz
Slackware x86_64 -current package: 4a539dd88ef3637eee56693c037a3dc8 n/bind-9.9.2_P1-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg bind-9.9.2_P1-i486-1_slack14.0.txz
Then, restart the name server:
/etc/rc.d/rc.bind restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. ----------------------------------------------------------------------
We are millions! Join us to protect all Pc's Worldwide. Download the new Secunia PSI 3.0 available in 5 languages and share it with your friends: http://secunia.com/psi
TITLE: ISC BIND Bad Cache Assertion Failure and TCP Query Denial of Service Vulnerabilities
SECUNIA ADVISORY ID: SA50020
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50020/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50020
RELEASE DATE: 2012-07-25
DISCUSS ADVISORY: http://secunia.com/advisories/50020/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50020/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50020
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Two vulnerabilities have been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
Successful exploitation of this vulnerability requires that DNSSEC validation is enabled.
2) A memory leak error when processing TCP queries can be exploited to increase the number of misplaced ns_client objects and trigger an out-of-memory condition.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Einar Lonn, IIS.se 2) Kevin Sheehan, Infoblox, Inc. and Anand Buddhdev, RIPE NCC.
ORIGINAL ADVISORY: https://www.isc.org/software/aftr/advisories/cve-2012-3817 https://www.isc.org/software/bind/advisories/cve-2012-3868
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
For the stable distribution (squeeze), this problem has been fixed in version 1:9.7.3.dfsg-1~squeeze6.
For the testing distribution (wheezy), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 1:9.8.1.dfsg.P1-4.2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bind security update Advisory ID: RHSA-2012:1123-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1123.html Issue date: 2012-07-31 CVE Names: CVE-2012-3817 =====================================================================
- Summary:
Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
An uninitialized data structure use flaw was found in BIND when DNSSEC validation was enabled. (CVE-2012-3817)
Users of bind are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
842897 - CVE-2012-3817 bind: heavy DNSSEC validation load can cause assertion failure
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.6-20.P1.el5_8.2.src.rpm
i386: bind-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-sdb-9.3.6-20.P1.el5_8.2.i386.rpm bind-utils-9.3.6-20.P1.el5_8.2.i386.rpm
x86_64: bind-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-sdb-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-utils-9.3.6-20.P1.el5_8.2.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.6-20.P1.el5_8.2.src.rpm
i386: bind-chroot-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.i386.rpm
x86_64: bind-chroot-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bind-9.3.6-20.P1.el5_8.2.src.rpm
i386: bind-9.3.6-20.P1.el5_8.2.i386.rpm bind-chroot-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-sdb-9.3.6-20.P1.el5_8.2.i386.rpm bind-utils-9.3.6-20.P1.el5_8.2.i386.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.i386.rpm
ia64: bind-9.3.6-20.P1.el5_8.2.ia64.rpm bind-chroot-9.3.6-20.P1.el5_8.2.ia64.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.ia64.rpm bind-devel-9.3.6-20.P1.el5_8.2.ia64.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.ia64.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.ia64.rpm bind-sdb-9.3.6-20.P1.el5_8.2.ia64.rpm bind-utils-9.3.6-20.P1.el5_8.2.ia64.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.ia64.rpm
ppc: bind-9.3.6-20.P1.el5_8.2.ppc.rpm bind-chroot-9.3.6-20.P1.el5_8.2.ppc.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.ppc.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.ppc64.rpm bind-devel-9.3.6-20.P1.el5_8.2.ppc.rpm bind-devel-9.3.6-20.P1.el5_8.2.ppc64.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.ppc.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.ppc64.rpm bind-libs-9.3.6-20.P1.el5_8.2.ppc.rpm bind-libs-9.3.6-20.P1.el5_8.2.ppc64.rpm bind-sdb-9.3.6-20.P1.el5_8.2.ppc.rpm bind-utils-9.3.6-20.P1.el5_8.2.ppc.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.ppc.rpm
s390x: bind-9.3.6-20.P1.el5_8.2.s390x.rpm bind-chroot-9.3.6-20.P1.el5_8.2.s390x.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.s390.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.s390x.rpm bind-devel-9.3.6-20.P1.el5_8.2.s390.rpm bind-devel-9.3.6-20.P1.el5_8.2.s390x.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.s390.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.s390x.rpm bind-libs-9.3.6-20.P1.el5_8.2.s390.rpm bind-libs-9.3.6-20.P1.el5_8.2.s390x.rpm bind-sdb-9.3.6-20.P1.el5_8.2.s390x.rpm bind-utils-9.3.6-20.P1.el5_8.2.s390x.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.s390x.rpm
x86_64: bind-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-chroot-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-sdb-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-utils-9.3.6-20.P1.el5_8.2.x86_64.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm
i386: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm
i386: bind-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm
x86_64: bind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm
x86_64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm
x86_64: bind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm
i386: bind-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm
ppc64: bind-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.ppc.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm
s390x: bind-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.s390.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.s390x.rpm
x86_64: bind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm
i386: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.ppc.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.s390.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm
i386: bind-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm
x86_64: bind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm
i386: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-3817.html https://access.redhat.com/security/updates/classification/#important http://www.isc.org/software/bind/advisories/cve-2012-3817
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQF1jgXlSAg2UNWIIRAhfLAKC7IA3Vlbw8YTJSpY/DfKn7S81tIgCgq/b2 7PGAy2HFq2b2y+ASSTx67k0= =uM7c -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004
OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available and addresses the following:
Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in Apache Description: Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.24. CVE-ID CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4558
Bind Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in BIND Description: Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. CVE-2012-5688 did not affect Mac OS X v10.7 systems. CVE-ID CVE-2012-3817 CVE-2012-4244 CVE-2012-5166 CVE-2012-5688 CVE-2013-2266
Certificate Trust Policy Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Root certificates have been updated Description: Several certificates were added to or removed from the list of system roots. The complete list of recognized system roots may be viewed via the Keychain Access application.
ClamAV Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5 Impact: Multiple vulnerabilities in ClamAV Description: Multiple vulnerabilities exist in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.97.8. CVE-ID CVE-2013-2020 CVE-2013-2021
CoreGraphics Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JBIG2 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1025 : Felix Groebert of the Google Security Team
ImageIO Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1026 : Felix Groebert of the Google Security Team
Installer Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Packages could be opened after certificate revocation Description: When Installer encountered a revoked certificate, it would present a dialog with an option to continue. The issue was addressed by removing the dialog and refusing any revoked package. CVE-ID CVE-2013-1027
IPSec Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: An attacker may intercept data protected with IPSec Hybrid Auth Description: The DNS name of an IPSec Hybrid Auth server was not being matched against the certificate, allowing an attacker with a certificate for any server to impersonate any other. This issue was addressed by properly checking the certificate. CVE-ID CVE-2013-1028 : Alexander Traud of www.traud.de
Kernel Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A local network user may cause a denial of service Description: An incorrect check in the IGMP packet parsing code in the kernel allowed a user who could send IGMP packets to the system to cause a kernel panic. The issue was addressed by removing the check. CVE-ID CVE-2013-1029 : Christopher Bohn of PROTECTSTAR INC.
Mobile Device Management Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Passwords may be disclosed to other local users Description: A password was passed on the command-line to mdmclient, which made it visible to other users on the same system. The issue was addressed by communicating the password through a pipe. CVE-ID CVE-2013-1030 : Per Olofsson at the University of Gothenburg
OpenSSL Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in OpenSSL Description: Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to disclosure of user data. These issues were addressed by updating OpenSSL to version 0.9.8y. CVE-ID CVE-2012-2686 CVE-2013-0166 CVE-2013-0169
PHP Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP, the most serious of which may lead to arbitrary code execution. These issues were addressed by updating PHP to version 5.3.26. CVE-ID CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 CVE-2013-2110
PostgreSQL Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in PostgreSQL Description: Multiple vulnerabilities exist in PostgreSQL, the most serious of which may lead to data corruption or privilege escalation. This update addresses the issues by updating PostgreSQL to version 9.0.13. CVE-ID CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-1902 CVE-2013-1903
Power Management Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: The screen saver may not start after the specified time period Description: A power assertion lock issue existed. This issue was addressed through improved lock handling. CVE-ID CVE-2013-1031
QuickTime Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of 'idsc' atoms in QuickTime movie files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1032 : Jason Kratzer working with iDefense VCP
Screen Lock Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A user with screen sharing access may be able to bypass the screen lock when another user is logged in Description: A session management issue existed in the screen lock's handling of screen sharing sessions. This issue was addressed through improved session tracking. CVE-ID CVE-2013-1033 : Jeff Grisso of Atos IT Solutions, Sebastien Stormacq
Note: OS X Mountain Lion v10.8.5 also addresses an issue where certain Unicode strings could cause applications to unexpectedly terminate.
OS X Mountain Lion v10.8.5 and Security Update 2013-004 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
The Software Update utility will present the update that applies to your system configuration. Only one is needed, either OS X Mountain Lion v10.8.5, or Security Update 2013-004.
For OS X Mountain Lion v10.8.4 The download file is named: OSXUpd10.8.5.dmg Its SHA-1 digest is: a74ab6d9501778437e7afba0bbed47b776a52b11
For OS X Mountain Lion v10.8 and v10.8.3 The download file is named: OSXUpdCombo10.8.5.dmg Its SHA-1 digest is: cb798ac9b97ceb2d8875af040ce4ff06187d61f2
For OS X Lion v10.7.5 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: dbc50fce7070f83b93b866a21b8f5c6e65007fa0
For OS X Lion Server v10.7.5 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 44a77edbd37732b865bc21a9aac443a3cdc47355
For Mac OS X v10.6.8 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: d07d5142a2549270f0d2eaddb262b41bb5c16b61
For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 8f9abe93f7f9427cf86b89bd67df948a85537dbc
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJSMiPGAAoJEPefwLHPlZEw9qMP/17D4Q8velZ3H4AumPzHqqB4 QxPcuv8PXzhi55epUm2bzNfXR9A5L9KvzEsmggqxO2/ESO0zfeKgAmXXjCI3z5Qc +WkHgqowjwXU9cbjyDkhwb/ylXml+vCSIv2m9eXXNRTRi0rm9ZLSI/JMSRfLMojQ bZbzQSoSpuGaOeOOWESKCf9zBXFG6DBGo0wg3z8Bkywjtp/7bfddPAFHxIdhjDDN 1IgmhPRnP6NEdNSfR6RwF94M+hyiJ2I2DIDZTIo+6B4Ne90bEYdBiQmSxwKFAyc3 H9VFfB8XmrtA2k4DhE6Ow2jD/Y//QKz6TbyZNSQawXxuPsj43v6/T6BsWdfddGbQ hDGU85e7z7a4gmIPuS3DjMhSEyAixL/B3vKYBaZltH6JBCcPuLvGrU7nAiJa7KGQ 8MToOyv42TSj95drFzysk5fcO0MIUH5xiGlaU+ScEdBSpIpHDfpjeJYPqxHeGFaa V2xCGw1vMYbMoxNzRL0FPPdUxJkyBHvuzZXh6c6fATuQIPCtwejpPrYEo7x7RRpl ytsVLe3V27j7IfWb62nI+mNVfH5m+YgK4SGK5DSq8Nm1Lk0w4HXmTtrhOCogsJ2I yoqeg/XakiSdxZxhSa9/ZZsMB+D1B8siNzCj0+U0k4zYjxEA0GdSu/dYRVT62oIn vBrJ5gm+nnyRe2TUMAwz =h9hc -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-1518-1 July 26, 2012
bind9 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS
Summary:
Bind could be made to crash if it received specially crafted network traffic.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libdns81 1:9.8.1.dfsg.P1-4ubuntu0.2
Ubuntu 11.10: libdns69 1:9.7.3.dfsg-1ubuntu4.3
Ubuntu 11.04: libdns69 1:9.7.3.dfsg-1ubuntu2.5
Ubuntu 10.04 LTS: libdns64 1:9.7.0.dfsg.P1-1ubuntu0.6
In general, a standard system update will make all the necessary changes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201207-0279",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bind",
"scope": "eq",
"trust": 1.9,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.9,
"vendor": "isc",
"version": "9.9.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.8.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.6.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.5.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.4.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.4.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.6.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.5.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "9.8.3-p2"
},
{
"model": "bind",
"scope": "lt",
"trust": 0.8,
"vendor": "isc",
"version": "9.9.x"
},
{
"model": "bind",
"scope": "lt",
"trust": 0.8,
"vendor": "isc",
"version": "9.7.x"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.8 to v10.8.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "9.4.x"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "9.6.x"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "9.5.x"
},
{
"model": "bind",
"scope": "lt",
"trust": 0.8,
"vendor": "isc",
"version": "9.8.x"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "9.9.1-p2"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "9.6-esv-r7-p2"
},
{
"model": "bind",
"scope": "lt",
"trust": 0.8,
"vendor": "isc",
"version": "9.6-esv"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "9.7.6-p2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.6-esv"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.6-esv-r4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.6-esv-r6"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.6-esv-r5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.6-esv-r3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "bind 9.9.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "bind 9.7.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.3"
},
{
"model": "freeflow print server 73.c5.11",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0.1"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bind 9.6-esv-r5-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"model": "bind 9.8.3-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0.1"
},
{
"model": "junos 10.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind 9.6-esv-r3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "bind 9.8.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "firewall enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.1.03"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bind 9.8.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "freeflow print server 81.d0.73",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "junos 10.0s18",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"model": "bind 9.8.0-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.3-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "bind 9.7.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "bind -esv r2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bind 9.7.6-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "junos 11.4r3.7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "junos r1.14",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.5"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "bind 9.7.6-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.6-esv-r7-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "firewall enterprise 8.2.1p03",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0.2"
},
{
"model": "7.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bind 9.8.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "bind 9.7.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "60"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "bind 9.6-esv-r7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "junos r1.1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.4"
},
{
"model": "bind 9.7.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "bind 9.8.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.6-esv-r4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"model": "junos 11.4r6.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "junos 10.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "bind 9.9.1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "junos 11.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind 9.6-esv-r4-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"model": "firewall enterprise 7.0.1.03h04",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "bind 9.6-esv-r5b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "junos 11.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11"
},
{
"model": "bind 9.8.0-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "bind 9.6-esv-r4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "junos 10.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind 9.7.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.3"
},
{
"model": "junos 11.4r5.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.0"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "bind 9.8.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos 8.5.r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"model": "freeflow print server 82.d1.44",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "bind 9.7.4b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bind 9.7.2-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "freeflow print server 73.d2.33",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2"
},
{
"model": "bind 9.6-esv-r7-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind -esv r1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.1"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "freeflow print server 93.e0.21c",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.1"
},
{
"model": "firewall enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "8.2.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.2"
},
{
"model": "freeflow print server 91.d2.32",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "networks junos r1.1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "networks junos 8.5.r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks junos r1.14",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.5"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "networks junos 11.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks junos 11.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "networks junos 10.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "networks junos 10.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks junos 10.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.2"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.1"
},
{
"model": "networks junos 10.0s18",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "54658"
},
{
"db": "BID",
"id": "60012"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003305"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-437"
},
{
"db": "NVD",
"id": "CVE-2012-3817"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3817"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Einar Lonn",
"sources": [
{
"db": "BID",
"id": "54658"
},
{
"db": "PACKETSTORM",
"id": "115349"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-437"
}
],
"trust": 1.0
},
"cve": "CVE-2012-3817",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-3817",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3817",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201207-437",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-3817",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-3817"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003305"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-437"
},
{
"db": "NVD",
"id": "CVE-2012-3817"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries. ISC BIND is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause an assertion failure in the \u0027named\u0027 process, denying service to legitimate users. This issue may also be exploited to disclose certain memory information to clients. \nThe following versions are affected:\nBIND 9.6-ESV-R1 through versions 9.6-ESV-R7-P1\nBIND 9.7.1 through versions 9.7.6-P1\nBIND 9.8.0 through versions 9.8.3-P1\nBIND 9.9.0 through versions 9.9.1-P1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-12:05.bind Security Advisory\n The FreeBSD Project\n\nTopic: named(8) DNSSEC validation Denial of Service\n\nCategory: contrib\nModule: bind\nAnnounced: 2012-08-06\nCredits: Einar Lonn of IIS.se\nAffects: All supported versions of FreeBSD\nCorrected: 2012-08-06 21:33:11 UTC (RELENG_7, 7.4-STABLE)\n 2012-08-06 21:33:11 UTC (RELENG_7_4, 7.4-RELEASE-p10)\n 2012-07-24 19:04:35 UTC (RELENG_8, 8.3-STABLE)\n 2012-08-06 21:33:11 UTC (RELENG_8_3, 8.3-RELEASE-p4)\n 2012-08-06 21:33:11 UTC (RELENG_8_2, 8.2-RELEASE-p10)\n 2012-08-06 21:33:11 UTC (RELENG_8_1, 8.1-RELEASE-p13)\n 2012-07-24 22:32:03 UTC (RELENG_9, 9.1-PRERELEASE)\n 2012-08-06 21:33:11 UTC (RELENG_9_0, 9.0-RELEASE-p4)\nCVE Name: CVE-2012-3817\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nDNS Security Extensions (DNSSEC) provides data integrity, origin\nauthentication and authenticated denial of existence to resolvers. \n\nII. Problem Description\n\nBIND 9 stores a cache of query names that are known to be failing due\nto misconfigured name servers or a broken chain of trust. \n\nIII. \n\nIV. Workaround\n\nNo workaround is available, but systems not running the BIND resolving\nname server with dnssec-validation enabled are not affected. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 7-STABLE, 8-STABLE, or 9-STABLE,\nor to the RELENG_7_4, RELENG_8_3, RELENG_8_2, RELENG_8_1, or RELENG_9_0\nsecurity branch dated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to FreeBSD 7.4,\n8.3, 8.2, 8.1 and 9.0 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-12:05/bind.patch\n# fetch http://security.FreeBSD.org/patches/SA-12:05/bind.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# cd /usr/src/lib/bind/dns\n# make obj \u0026\u0026 make depend \u0026\u0026 make \u0026\u0026 make install\n# cd /usr/src/usr.sbin/named\n# make obj \u0026\u0026 make depend \u0026\u0026 make \u0026\u0026 make install\n\n3) To update your vulnerable system via a binary patch:\n\nSystems running 7.4-RELEASE, 8.3-RELEASE, 8.2-RELEASE, 8.1-RELEASE,\nor 9.0-RELEASE on the i386 or amd64 platforms can be updated via the\nfreebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n4) Install and run BIND from the Ports Collection after the correction\ndate. Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nCVS:\n\nBranch Revision\n Path\n- -------------------------------------------------------------------------\nRELENG_7\n src/contrib/bind9/lib/dns/resolver.c 1.1.1.9.2.11\nRELENG_7_4\n src/UPDATING 1.507.2.36.2.12\n src/sys/conf/newvers.sh 1.72.2.18.2.15\n src/contrib/bind9/lib/dns/resolver.c 1.1.1.9.2.8.2.1\nRELENG_8\n src/contrib/bind9/CHANGES 1.9.2.15\n src/contrib/bind9/lib/dns/resolver.c 1.3.2.6\n src/contrib/bind9/lib/dns/zone.c 1.6.2.10\n src/contrib/bind9/lib/isc/random.c 1.2.2.4\n src/contrib/bind9/version 1.9.2.15\nRELENG_8_3\n src/UPDATING 1.632.2.26.2.6\n src/sys/conf/newvers.sh 1.83.2.15.2.8\n src/contrib/bind9/lib/dns/resolver.c 1.6.2.7.2.1\nRELENG_8_2\n src/UPDATING 1.632.2.19.2.12\n src/sys/conf/newvers.sh 1.83.2.12.2.15\n src/contrib/bind9/lib/dns/resolver.c 1.6.2.4.2.1\nRELENG_8_1\n src/UPDATING 1.632.2.14.2.16\n src/sys/conf/newvers.sh 1.83.2.10.2.17\n src/contrib/bind9/lib/dns/resolver.c 1.6.2.3.2.1\nRELENG_9\n src/contrib/bind9/CHANGES 1.21.2.5\n src/contrib/bind9/lib/dns/resolver.c 1.15.2.3\n src/contrib/bind9/lib/dns/zone.c 1.7.2.3\n src/contrib/bind9/version 1.21.2.5\nRELENG_9_0\n src/UPDATING 1.702.2.4.2.6\n src/sys/conf/newvers.sh 1.95.2.4.2.8\n src/contrib/bind9/lib/dns/resolver.c 1.15.4.1\n- -------------------------------------------------------------------------\n\nSubversion:\n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/7/ r239108\nreleng/7.4/ r239108\nstable/8/ r238749\nreleng/8.3/ r239108\nreleng/8.2/ r239108\nreleng/8.1/ r239108\nstable/9/ r238756\nreleng/9.0/ r239108\n- -------------------------------------------------------------------------\n\nVII. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n+--------------------------+\npatches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz: Upgraded. \n IMPORTANT NOTE: This package updates BIND from 9.7.6_P4 to\n 9.8.4_P1 since the 9.7 series is no longer supported. It is\n possible that some changes may be required to your local\n configuration. \n This release addresses some denial-of-service and other bugs. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.8.4_P1-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.8.4_P1-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.8.4_P1-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.8.4_P1-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.8.4_P1-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.2_P1-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.9.2_P1-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.9.2_P1-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 12.1 package:\n2df945fd92d480df98711992180cdd70 bind-9.8.4_P1-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nddf762702befde00ab86cda1a5766bbd bind-9.8.4_P1-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\nb6c9a8f1262bd39db2dd77034f58e568 bind-9.8.4_P1-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\nb35c20ad9778035c7e04ef2944375608 bind-9.8.4_P1-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\na6b061aeb84003ea7b6ddcc157e0db65 bind-9.8.4_P1-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n54ee26b4924ab502eedfd024d83db20e bind-9.8.4_P1-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n04d40ede0a96160e79767bf995469773 bind-9.8.4_P1-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\nf4635df06e3c0f62f035d00e15b0f5fb bind-9.8.4_P1-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n66612ea03941fc8ef5ef21409ecc6fe3 bind-9.9.2_P1-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n6f664fe7e955c0dbe806a63ad9212c00 bind-9.9.2_P1-x86_64-1_slack14.0.txz\n\nSlackware -current package:\n83bc10ca67bede66bf742a7d0ab6e628 n/bind-9.9.2_P1-i486-1.txz\n\nSlackware x86_64 -current package:\n4a539dd88ef3637eee56693c037a3dc8 n/bind-9.9.2_P1-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg bind-9.9.2_P1-i486-1_slack14.0.txz\n\nThen, restart the name server:\n\n# /etc/rc.d/rc.bind restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. ----------------------------------------------------------------------\n\nWe are millions! Join us to protect all Pc\u0027s Worldwide. \nDownload the new Secunia PSI 3.0 available in 5 languages and share it with your friends:\nhttp://secunia.com/psi\n\n----------------------------------------------------------------------\n\nTITLE:\nISC BIND Bad Cache Assertion Failure and TCP Query Denial of Service\nVulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50020\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50020/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50020\n\nRELEASE DATE:\n2012-07-25\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50020/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50020/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50020\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in ISC BIND, which can be\nexploited by malicious people to cause a DoS (Denial of Service). \n\nSuccessful exploitation of this vulnerability requires that DNSSEC\nvalidation is enabled. \n\n2) A memory leak error when processing TCP queries can be exploited\nto increase the number of misplaced ns_client objects and trigger an\nout-of-memory condition. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Einar Lonn, IIS.se\n2) Kevin Sheehan, Infoblox, Inc. and Anand Buddhdev, RIPE NCC. \n\nORIGINAL ADVISORY:\nhttps://www.isc.org/software/aftr/advisories/cve-2012-3817\nhttps://www.isc.org/software/bind/advisories/cve-2012-3868\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze6. \n\nFor the testing distribution (wheezy), this problem will be fixed soon. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:9.8.1.dfsg.P1-4.2. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bind security update\nAdvisory ID: RHSA-2012:1123-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1123.html\nIssue date: 2012-07-31\nCVE Names: CVE-2012-3817 \n=====================================================================\n\n1. Summary:\n\nUpdated bind packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nAn uninitialized data structure use flaw was found in BIND when DNSSEC\nvalidation was enabled. (CVE-2012-3817)\n\nUsers of bind are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n842897 - CVE-2012-3817 bind: heavy DNSSEC validation load can cause assertion failure\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.6-20.P1.el5_8.2.src.rpm\n\ni386:\nbind-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-sdb-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-utils-9.3.6-20.P1.el5_8.2.i386.rpm\n\nx86_64:\nbind-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-sdb-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-utils-9.3.6-20.P1.el5_8.2.x86_64.rpm\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.6-20.P1.el5_8.2.src.rpm\n\ni386:\nbind-chroot-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm\ncaching-nameserver-9.3.6-20.P1.el5_8.2.i386.rpm\n\nx86_64:\nbind-chroot-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm\ncaching-nameserver-9.3.6-20.P1.el5_8.2.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bind-9.3.6-20.P1.el5_8.2.src.rpm\n\ni386:\nbind-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-chroot-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-sdb-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-utils-9.3.6-20.P1.el5_8.2.i386.rpm\ncaching-nameserver-9.3.6-20.P1.el5_8.2.i386.rpm\n\nia64:\nbind-9.3.6-20.P1.el5_8.2.ia64.rpm\nbind-chroot-9.3.6-20.P1.el5_8.2.ia64.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.ia64.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.ia64.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.ia64.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.ia64.rpm\nbind-sdb-9.3.6-20.P1.el5_8.2.ia64.rpm\nbind-utils-9.3.6-20.P1.el5_8.2.ia64.rpm\ncaching-nameserver-9.3.6-20.P1.el5_8.2.ia64.rpm\n\nppc:\nbind-9.3.6-20.P1.el5_8.2.ppc.rpm\nbind-chroot-9.3.6-20.P1.el5_8.2.ppc.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.ppc.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.ppc64.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.ppc.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.ppc64.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.ppc.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.ppc64.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.ppc.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.ppc64.rpm\nbind-sdb-9.3.6-20.P1.el5_8.2.ppc.rpm\nbind-utils-9.3.6-20.P1.el5_8.2.ppc.rpm\ncaching-nameserver-9.3.6-20.P1.el5_8.2.ppc.rpm\n\ns390x:\nbind-9.3.6-20.P1.el5_8.2.s390x.rpm\nbind-chroot-9.3.6-20.P1.el5_8.2.s390x.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.s390.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.s390x.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.s390.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.s390x.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.s390.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.s390x.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.s390.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.s390x.rpm\nbind-sdb-9.3.6-20.P1.el5_8.2.s390x.rpm\nbind-utils-9.3.6-20.P1.el5_8.2.s390x.rpm\ncaching-nameserver-9.3.6-20.P1.el5_8.2.s390x.rpm\n\nx86_64:\nbind-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-chroot-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-debuginfo-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-libbind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.i386.rpm\nbind-libs-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-sdb-9.3.6-20.P1.el5_8.2.x86_64.rpm\nbind-utils-9.3.6-20.P1.el5_8.2.x86_64.rpm\ncaching-nameserver-9.3.6-20.P1.el5_8.2.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm\n\ni386:\nbind-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm\n\nx86_64:\nbind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm\n\nx86_64:\nbind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm\n\ni386:\nbind-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm\n\nppc64:\nbind-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm\nbind-chroot-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.ppc.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm\nbind-utils-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.10.rc1.el6_3.2.s390x.rpm\nbind-chroot-9.8.2-0.10.rc1.el6_3.2.s390x.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390x.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.s390.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.s390x.rpm\nbind-utils-9.8.2-0.10.rc1.el6_3.2.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.ppc.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm\nbind-sdb-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390x.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.s390.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.s390x.rpm\nbind-sdb-9.8.2-0.10.rc1.el6_3.2.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm\n\ni386:\nbind-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm\n\nx86_64:\nbind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm\nbind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\nbind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-3817.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttp://www.isc.org/software/bind/advisories/cve-2012-3817\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQF1jgXlSAg2UNWIIRAhfLAKC7IA3Vlbw8YTJSpY/DfKn7S81tIgCgq/b2\n7PGAy2HFq2b2y+ASSTx67k0=\n=uM7c\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update\n2013-004\n\nOS X Mountain Lion v10.8.5 and Security Update 2013-004 is now\navailable and addresses the following:\n\nApache\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in Apache\nDescription: Multiple vulnerabilities existed in Apache, the most\nserious of which may lead to cross-site scripting. These issues were\naddressed by updating Apache to version 2.2.24. \nCVE-ID\nCVE-2012-0883\nCVE-2012-2687\nCVE-2012-3499\nCVE-2012-4558\n\nBind\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in BIND\nDescription: Multiple vulnerabilities existed in BIND, the most\nserious of which may lead to a denial of service. CVE-2012-5688 did not\naffect Mac OS X v10.7 systems. \nCVE-ID\nCVE-2012-3817\nCVE-2012-4244\nCVE-2012-5166\nCVE-2012-5688\nCVE-2013-2266\n\nCertificate Trust Policy\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Root certificates have been updated\nDescription: Several certificates were added to or removed from the\nlist of system roots. The complete list of recognized system roots\nmay be viewed via the Keychain Access application. \n\nClamAV\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5\nImpact: Multiple vulnerabilities in ClamAV\nDescription: Multiple vulnerabilities exist in ClamAV, the most\nserious of which may lead to arbitrary code execution. This update\naddresses the issues by updating ClamAV to version 0.97.8. \nCVE-ID\nCVE-2013-2020\nCVE-2013-2021\n\nCoreGraphics\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of JBIG2\nencoded data in PDF files. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-1025 : Felix Groebert of the Google Security Team\n\nImageIO\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of JPEG2000\nencoded data in PDF files. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-1026 : Felix Groebert of the Google Security Team\n\nInstaller\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Packages could be opened after certificate revocation\nDescription: When Installer encountered a revoked certificate, it\nwould present a dialog with an option to continue. The issue was\naddressed by removing the dialog and refusing any revoked package. \nCVE-ID\nCVE-2013-1027\n\nIPSec\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: An attacker may intercept data protected with IPSec Hybrid\nAuth\nDescription: The DNS name of an IPSec Hybrid Auth server was not\nbeing matched against the certificate, allowing an attacker with a\ncertificate for any server to impersonate any other. This issue was\naddressed by properly checking the certificate. \nCVE-ID\nCVE-2013-1028 : Alexander Traud of www.traud.de\n\nKernel\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: A local network user may cause a denial of service\nDescription: An incorrect check in the IGMP packet parsing code in\nthe kernel allowed a user who could send IGMP packets to the system\nto cause a kernel panic. The issue was addressed by removing the\ncheck. \nCVE-ID\nCVE-2013-1029 : Christopher Bohn of PROTECTSTAR INC. \n\nMobile Device Management\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Passwords may be disclosed to other local users\nDescription: A password was passed on the command-line to mdmclient,\nwhich made it visible to other users on the same system. The issue\nwas addressed by communicating the password through a pipe. \nCVE-ID\nCVE-2013-1030 : Per Olofsson at the University of Gothenburg\n\nOpenSSL\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in OpenSSL\nDescription: Multiple vulnerabilities existed in OpenSSL, the most\nserious of which may lead to disclosure of user data. These issues\nwere addressed by updating OpenSSL to version 0.9.8y. \nCVE-ID\nCVE-2012-2686\nCVE-2013-0166\nCVE-2013-0169\n\nPHP\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in PHP\nDescription: Multiple vulnerabilities existed in PHP, the most\nserious of which may lead to arbitrary code execution. These issues\nwere addressed by updating PHP to version 5.3.26. \nCVE-ID\nCVE-2013-1635\nCVE-2013-1643\nCVE-2013-1824\nCVE-2013-2110\n\nPostgreSQL\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in PostgreSQL\nDescription: Multiple vulnerabilities exist in PostgreSQL, the most\nserious of which may lead to data corruption or privilege escalation. \nThis update addresses the issues by updating PostgreSQL to version\n9.0.13. \nCVE-ID\nCVE-2013-1899\nCVE-2013-1900\nCVE-2013-1901\nCVE-2013-1902\nCVE-2013-1903\n\nPower Management\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: The screen saver may not start after the specified time\nperiod\nDescription: A power assertion lock issue existed. This issue was\naddressed through improved lock handling. \nCVE-ID\nCVE-2013-1031\n\nQuickTime\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\n\u0027idsc\u0027 atoms in QuickTime movie files. This issue was addressed\nthrough additional bounds checking. \nCVE-ID\nCVE-2013-1032 : Jason Kratzer working with iDefense VCP\n\nScreen Lock\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: A user with screen sharing access may be able to bypass the\nscreen lock when another user is logged in\nDescription: A session management issue existed in the screen lock\u0027s\nhandling of screen sharing sessions. This issue was addressed through\nimproved session tracking. \nCVE-ID\nCVE-2013-1033 : Jeff Grisso of Atos IT Solutions, Sebastien Stormacq\n\nNote: OS X Mountain Lion v10.8.5 also addresses an issue where\ncertain Unicode strings could cause applications to unexpectedly\nterminate. \n\n\nOS X Mountain Lion v10.8.5 and Security Update 2013-004 may be\nobtained from the Software Update pane in System Preferences,\nor Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nThe Software Update utility will present the update that applies\nto your system configuration. Only one is needed, either\nOS X Mountain Lion v10.8.5, or Security Update\n2013-004. \n\nFor OS X Mountain Lion v10.8.4\nThe download file is named: OSXUpd10.8.5.dmg\nIts SHA-1 digest is: a74ab6d9501778437e7afba0bbed47b776a52b11\n\nFor OS X Mountain Lion v10.8 and v10.8.3\nThe download file is named: OSXUpdCombo10.8.5.dmg\nIts SHA-1 digest is: cb798ac9b97ceb2d8875af040ce4ff06187d61f2\n\nFor OS X Lion v10.7.5\nThe download file is named: SecUpd2013-004.dmg\nIts SHA-1 digest is: dbc50fce7070f83b93b866a21b8f5c6e65007fa0\n\nFor OS X Lion Server v10.7.5\nThe download file is named: SecUpdSrvr2013-004.dmg\nIts SHA-1 digest is: 44a77edbd37732b865bc21a9aac443a3cdc47355\n\nFor Mac OS X v10.6.8\nThe download file is named: SecUpd2013-004.dmg\nIts SHA-1 digest is: d07d5142a2549270f0d2eaddb262b41bb5c16b61\n\nFor Mac OS X Server v10.6.8\nThe download file is named: SecUpdSrvr2013-004.dmg\nIts SHA-1 digest is: 8f9abe93f7f9427cf86b89bd67df948a85537dbc\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJSMiPGAAoJEPefwLHPlZEw9qMP/17D4Q8velZ3H4AumPzHqqB4\nQxPcuv8PXzhi55epUm2bzNfXR9A5L9KvzEsmggqxO2/ESO0zfeKgAmXXjCI3z5Qc\n+WkHgqowjwXU9cbjyDkhwb/ylXml+vCSIv2m9eXXNRTRi0rm9ZLSI/JMSRfLMojQ\nbZbzQSoSpuGaOeOOWESKCf9zBXFG6DBGo0wg3z8Bkywjtp/7bfddPAFHxIdhjDDN\n1IgmhPRnP6NEdNSfR6RwF94M+hyiJ2I2DIDZTIo+6B4Ne90bEYdBiQmSxwKFAyc3\nH9VFfB8XmrtA2k4DhE6Ow2jD/Y//QKz6TbyZNSQawXxuPsj43v6/T6BsWdfddGbQ\nhDGU85e7z7a4gmIPuS3DjMhSEyAixL/B3vKYBaZltH6JBCcPuLvGrU7nAiJa7KGQ\n8MToOyv42TSj95drFzysk5fcO0MIUH5xiGlaU+ScEdBSpIpHDfpjeJYPqxHeGFaa\nV2xCGw1vMYbMoxNzRL0FPPdUxJkyBHvuzZXh6c6fATuQIPCtwejpPrYEo7x7RRpl\nytsVLe3V27j7IfWb62nI+mNVfH5m+YgK4SGK5DSq8Nm1Lk0w4HXmTtrhOCogsJ2I\nyoqeg/XakiSdxZxhSa9/ZZsMB+D1B8siNzCj0+U0k4zYjxEA0GdSu/dYRVT62oIn\nvBrJ5gm+nnyRe2TUMAwz\n=h9hc\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-1518-1\nJuly 26, 2012\n\nbind9 vulnerability\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.04 LTS\n\nSummary:\n\nBind could be made to crash if it received specially crafted network\ntraffic. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n libdns81 1:9.8.1.dfsg.P1-4ubuntu0.2\n\nUbuntu 11.10:\n libdns69 1:9.7.3.dfsg-1ubuntu4.3\n\nUbuntu 11.04:\n libdns69 1:9.7.3.dfsg-1ubuntu2.5\n\nUbuntu 10.04 LTS:\n libdns64 1:9.7.0.dfsg.P1-1ubuntu0.6\n\nIn general, a standard system update will make all the necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3817"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003305"
},
{
"db": "BID",
"id": "54658"
},
{
"db": "BID",
"id": "60012"
},
{
"db": "VULMON",
"id": "CVE-2012-3817"
},
{
"db": "PACKETSTORM",
"id": "115349"
},
{
"db": "PACKETSTORM",
"id": "115104"
},
{
"db": "PACKETSTORM",
"id": "118736"
},
{
"db": "PACKETSTORM",
"id": "115001"
},
{
"db": "PACKETSTORM",
"id": "115128"
},
{
"db": "PACKETSTORM",
"id": "115117"
},
{
"db": "PACKETSTORM",
"id": "115129"
},
{
"db": "PACKETSTORM",
"id": "123228"
},
{
"db": "PACKETSTORM",
"id": "115036"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3817",
"trust": 3.7
},
{
"db": "ISC",
"id": "AA-00729",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1027296",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "51096",
"trust": 1.1
},
{
"db": "BID",
"id": "54658",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003305",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "50020",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10564",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20299",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20142",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201207-437",
"trust": 0.6
},
{
"db": "JUNIPER",
"id": "JSA10556",
"trust": 0.3
},
{
"db": "MCAFEE",
"id": "SB10032",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10562",
"trust": 0.3
},
{
"db": "BID",
"id": "60012",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2012-3817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115349",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115104",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118736",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115001",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115128",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115117",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115129",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115036",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-3817"
},
{
"db": "BID",
"id": "54658"
},
{
"db": "BID",
"id": "60012"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003305"
},
{
"db": "PACKETSTORM",
"id": "115349"
},
{
"db": "PACKETSTORM",
"id": "115104"
},
{
"db": "PACKETSTORM",
"id": "118736"
},
{
"db": "PACKETSTORM",
"id": "115001"
},
{
"db": "PACKETSTORM",
"id": "115128"
},
{
"db": "PACKETSTORM",
"id": "115117"
},
{
"db": "PACKETSTORM",
"id": "115129"
},
{
"db": "PACKETSTORM",
"id": "123228"
},
{
"db": "PACKETSTORM",
"id": "115036"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-437"
},
{
"db": "NVD",
"id": "CVE-2012-3817"
}
]
},
"id": "VAR-201207-0279",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.28947368
},
"last_update_date": "2024-07-23T21:31:34.437000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2013-09-12-1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2013/sep/msg00002.html"
},
{
"title": "HT5880",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht5880"
},
{
"title": "HT5880",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht5880?viewlocale=ja_jp"
},
{
"title": "CVE-2012-3817: Heavy DNSSEC Validation Load Can Cause a \"Bad Cache\" Assertion Failure in BIND9",
"trust": 0.8,
"url": "https://kb.isc.org/article/aa-00729"
},
{
"title": "CVE-2012-3817 [JP]: \u9ad8\u8ca0\u8377\u306eDNSSEC\u691c\u8a3c\u306b\u3088\u3063\u3066BIND9\u306b\"Bad Cache\"\u8868\u660e\u9055\u53cd\u304c\u767a\u751f\u3059\u308b",
"trust": 0.8,
"url": "https://kb.isc.org/article/aa-00752"
},
{
"title": "openSUSE-SU-2012:0971",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00015.html"
},
{
"title": "openSUSE-SU-2012:0969",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00013.html"
},
{
"title": "RHSA-2012:1123",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1123.html"
},
{
"title": "RHSA-2012:1122",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1122.html"
},
{
"title": "CVE-2012-3817 Denial of Service (DoS) vulnerability in Bind",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/cve_2012_3817_denial_of"
},
{
"title": "USN-1518-1",
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/usn-1518-1/"
},
{
"title": "VMSA-2012-0016",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2012-0016.html"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121123 - security advisory"
},
{
"title": "Red Hat: Important: bind97 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121122 - security advisory"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2012-3817",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ffc06743cfe6b573156e9ecf408f4609"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1518-1"
},
{
"title": "Debian Security Advisories: DSA-2517-1 bind9 -- denial of service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=39443ec661376e47ee641d00e5e9b897"
},
{
"title": "Amazon Linux AMI: ALAS-2012-113",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2012-113"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/dbutter/whitehat_public "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-3817"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003305"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003305"
},
{
"db": "NVD",
"id": "CVE-2012-3817"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://kb.isc.org/article/aa-00729"
},
{
"trust": 1.4,
"url": "http://support.apple.com/kb/ht5880"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-1518-1"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1123.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1122.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00013.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00015.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2012/dsa-2517"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027296"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/51096"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2013/sep/msg00002.html"
},
{
"trust": 1.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2012\u0026m=slackware-security.536004"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3817"
},
{
"trust": 0.8,
"url": "http://jprs.jp/tech/security/2012-07-25-bind9-vuln-heavy-dnssec-validation-load.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3817"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3817"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/54658"
},
{
"trust": 0.6,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10564"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50020"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20299"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20142"
},
{
"trust": 0.4,
"url": "http://security.freebsd.org/advisories/freebsd-sa-12:05.bind.asc"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3817_denial_of"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.3,
"url": "/archive/1/523799"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100167369"
},
{
"trust": 0.3,
"url": "http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03526327\u0026ac.admitted=1351077150059.876444892.492883150"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10032"
},
{
"trust": 0.3,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2012-004.txt.asc"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10556"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2012-0016.html"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/12047-4e4eed8d42ca6/cert_xrx13-007_v1.0.pdf"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10562"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5688"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5166"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3817.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://www.isc.org/software/bind/advisories/cve-2012-3817"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2012:1123"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1518-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26477"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-12:05/bind.patch.asc"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-12:05/bind.patch"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5166"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3868"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5688"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1667"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3868"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1667"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50020/"
},
{
"trust": 0.1,
"url": "https://www.isc.org/software/bind/advisories/cve-2012-3868"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50020"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50020/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://www.isc.org/software/aftr/advisories/cve-2012-3817"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1899"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4558"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1903"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1635"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1025"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1029"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1643"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://www.traud.de"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2687"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1901"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1026"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4244"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1824"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1027"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1031"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1902"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1032"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1030"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2686"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1028"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0166"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.p1-1ubuntu0.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu2.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu4.3"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-3817"
},
{
"db": "BID",
"id": "54658"
},
{
"db": "BID",
"id": "60012"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003305"
},
{
"db": "PACKETSTORM",
"id": "115349"
},
{
"db": "PACKETSTORM",
"id": "115104"
},
{
"db": "PACKETSTORM",
"id": "118736"
},
{
"db": "PACKETSTORM",
"id": "115001"
},
{
"db": "PACKETSTORM",
"id": "115128"
},
{
"db": "PACKETSTORM",
"id": "115117"
},
{
"db": "PACKETSTORM",
"id": "115129"
},
{
"db": "PACKETSTORM",
"id": "123228"
},
{
"db": "PACKETSTORM",
"id": "115036"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-437"
},
{
"db": "NVD",
"id": "CVE-2012-3817"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2012-3817"
},
{
"db": "BID",
"id": "54658"
},
{
"db": "BID",
"id": "60012"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003305"
},
{
"db": "PACKETSTORM",
"id": "115349"
},
{
"db": "PACKETSTORM",
"id": "115104"
},
{
"db": "PACKETSTORM",
"id": "118736"
},
{
"db": "PACKETSTORM",
"id": "115001"
},
{
"db": "PACKETSTORM",
"id": "115128"
},
{
"db": "PACKETSTORM",
"id": "115117"
},
{
"db": "PACKETSTORM",
"id": "115129"
},
{
"db": "PACKETSTORM",
"id": "123228"
},
{
"db": "PACKETSTORM",
"id": "115036"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-437"
},
{
"db": "NVD",
"id": "CVE-2012-3817"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-25T00:00:00",
"db": "VULMON",
"id": "CVE-2012-3817"
},
{
"date": "2012-07-24T00:00:00",
"db": "BID",
"id": "54658"
},
{
"date": "2013-05-20T00:00:00",
"db": "BID",
"id": "60012"
},
{
"date": "2012-07-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003305"
},
{
"date": "2012-08-08T14:05:59",
"db": "PACKETSTORM",
"id": "115349"
},
{
"date": "2012-07-30T19:20:53",
"db": "PACKETSTORM",
"id": "115104"
},
{
"date": "2012-12-10T23:33:33",
"db": "PACKETSTORM",
"id": "118736"
},
{
"date": "2012-07-25T04:55:44",
"db": "PACKETSTORM",
"id": "115001"
},
{
"date": "2012-07-31T05:06:39",
"db": "PACKETSTORM",
"id": "115128"
},
{
"date": "2012-07-31T01:46:22",
"db": "PACKETSTORM",
"id": "115117"
},
{
"date": "2012-07-31T05:07:20",
"db": "PACKETSTORM",
"id": "115129"
},
{
"date": "2013-09-13T19:32:22",
"db": "PACKETSTORM",
"id": "123228"
},
{
"date": "2012-07-27T00:01:14",
"db": "PACKETSTORM",
"id": "115036"
},
{
"date": "2012-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-437"
},
{
"date": "2012-07-25T10:42:35.803000",
"db": "NVD",
"id": "CVE-2012-3817"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2012-3817"
},
{
"date": "2015-04-13T21:46:00",
"db": "BID",
"id": "54658"
},
{
"date": "2013-05-20T00:00:00",
"db": "BID",
"id": "60012"
},
{
"date": "2013-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003305"
},
{
"date": "2012-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-437"
},
{
"date": "2018-10-30T16:27:02.467000",
"db": "NVD",
"id": "CVE-2012-3817"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "115349"
},
{
"db": "PACKETSTORM",
"id": "115128"
},
{
"db": "PACKETSTORM",
"id": "115129"
},
{
"db": "PACKETSTORM",
"id": "115036"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-437"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISC BIND Service disruption in ( Violation of representation and Daemon Exit) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003305"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201207-437"
}
],
"trust": 0.6
}
}
VAR-201406-0445
Vulnerability from variot - Updated: 2024-07-23 21:30OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. OpenSSL is prone to security-bypass vulnerability. Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks. Versions prior to OpenSSL 1.0.1 and 1.0.2-beta1 are vulnerable.
HP Connect IT / HP SPM CIT - 9.5x Please install: HP Connect IT 9.53.P2
For Windows http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00070
For Linux http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00071
For AIX http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00072
For HPUX http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00073
For Solaris http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00074
HP Connect IT / HP SPM CIT - 9.4x Please install: HP Connect IT 9.40.P1
For windows(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00075
For Linux(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00076
For AIX(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00077
For HPUX(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00078
For Solaris(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00079
HP Connect IT / HP SPM AM 5.2x Please install: HP Connect IT 9.41.P1
HISTORY Version:1 (rev.1) - 19 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. ============================================================================ Ubuntu Security Notice USN-2232-3 June 23, 2014
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
USN-2232-1 introduced a regression in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem.
Original advisory details:
J=C3=BCri Aedla discovered that OpenSSL incorrectly handled invalid DTLS fragments. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0195) Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2014-0221) KIKUCHI Masashi discovered that OpenSSL incorrectly handled certain handshakes. (CVE-2014-0224) Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled anonymous ECDH ciphersuites. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-3470)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.4
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.6
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.16
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.19
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2232-3 http://www.ubuntu.com/usn/usn-2232-1 https://launchpad.net/bugs/1332643
Package Information: https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.4 https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.6 https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.16 https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.19 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201407-05
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: July 27, 2014 Bugs: #512506 ID: 201407-05
Synopsis
Multiple vulnerabilities have been found in OpenSSL, possibly allowing remote attackers to execute arbitrary code.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.1h-r1 >= 0.9.8z_p5 >= 0.9.8z_p4 >= 0.9.8z_p1 >= 0.9.8z_p3 >= 0.9.8z_p2 >= 1.0.0m >= 1.0.1h-r1
Description
Multiple vulnerabilities have been discovered in OpenSSL.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1h-r1"
References
[ 1 ] CVE-2010-5298 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298 [ 2 ] CVE-2014-0195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195 [ 3 ] CVE-2014-0198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198 [ 4 ] CVE-2014-0221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221 [ 5 ] CVE-2014-0224 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224 [ 6 ] CVE-2014-3470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470 [ 7 ] OpenSSL Security Advisory [05 Jun 2014] http://www.openssl.org/news/secadv_20140605.txt
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201407-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . The bulletin does not apply to any other 3rd party application (e.g. operating system, web server, or application server) that may be required to be installed by the customer according instructions in the product install guide. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04347622
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04347622 Version: 1
HPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network Products including H3C and 3COM Routers and Switches running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Modification or Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-06-20 Last Updated: 2014-06-20
Potential Security Impact: Remote Denial of Service (DoS), code execution, unauthorized access, modification of information, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC), HP Network Products including 3COM and H3C routers and switches running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information.
References:
CVE-2010-5298 Remote Denial of Service (DoS) or Modification of Information CVE-2014-0198 Remote Unauthorized Access (only iMC impacted) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information SSRT101561 Note: All products listed are impacted by CVE-2014-0224 . iMC is also impacted by CVE-2014-0198 and CVE-2010-5298
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION section below for a list of impacted products.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION On June 5th 2014, OpenSSL.org issued an advisory with several CVE vulnerabilities. HP Networking is working to release fixes for these vulnerabilities that impact the products in the table below. As fixed software is made available, this security bulletin will be updated to show the fixed versions. Until the software fixes are available, HP Networking is providing the following information including possible workarounds to mitigate the risks of these vulnerabilities.
Description
The most serious issue reported is CVE-2014-0224 and it is the one discussed here. To take advantage CVE-2014-0224, an attacker must:
be in between the OpenSSL client and OpenSSL server. be capable of intercepting and modifying packets between the OpenSSL client and OpenSSL server in real time.
Workarounds
HP Networking equipment is typically deployed inside firewalls and access to management interfaces and other protocols is more tightly controlled than in public environments. This deployment and security restrictions help to reduce the possibility of an attacker being able to intercept both OpenSSL client and OpenSSL server traffic.
Following the guidelines in the Hardening Comware-based devices can help to further reduce man-in-the-middle opportunities:
http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=c03536 920
For an HP Networking device acting as an OpenSSL Server, using a patched OpenSSL client or non-OpenSSL client eliminates the risk. As an example, most modern web browsers do not use the OpenSSL client and the sessions between the HP Networking OpenSSL server and the non-OpenSSL client are not at risk for this attack. For HP Networking Equipment that is using an OpenSSL client, patching the OpenSSL server will eliminate the risk of this attack.
Protocol Notes
The following details the protocols that use OpenSSL in Comware v5 and Comware v7:
Comware V7:
Server:
FIPS/HTTPS/Load Balancing/Session Initiation Protocol
Client:
Load Balancing/OpenFlow/Session Initiation Protocol/State Machine Based Anti-Spoofing/Dynamic DNS
Comware V5:
Server:
CAPWAP/EAP/SSLVPN
Client:
Dynamic DNS
Family Fixed Version HP Branded Products Impacted H3C Branded Products Impacted 3Com Branded Products Impacted
12900 Switch Series Fix in progress use mitigations JG619A HP FF 12910 Switch AC Chassis JG621A HP FF 12910 Main Processing Unit JG632A HP FF 12916 Switch AC Chassis JG634A HP FF 12916 Main Processing Unit
12500 Fix in progress use mitigations JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JC808A HP 12500 TAA Main Processing Unit H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
12500 (Comware v7) Fix in progress use mitigations JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JG497A HP 12500 MPU w/Comware V7 OS JG782A HP FF 12508E AC Switch Chassis JG783A HP FF 12508E DC Switch Chassis JG784A HP FF 12518E AC Switch Chassis JG785A HP FF 12518E DC Switch Chassis JG802A HP FF 12500E MPU H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
11900 Switch Series Fix in progress use mitigations JG608A HP FF 11908-V Switch Chassis JG609A HP FF 11900 Main Processing Unit
10500 Switch Series (Comware v5) Fix in progress use mitigations JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC614A HP 10500 Main Processing Unit JC748A HP 10512 Switch Chassis JG375A HP 10500 TAA Main Processing Unit JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis
10500 Switch Series (Comware v7) Fix in progress use mitigations JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC748A HP 10512 Switch Chassis JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis JG496A HP 10500 Type A MPU w/Comware v7 OS
9500E Fix in progress use mitigations JC124A HP A9508 Switch Chassis JC124B HP 9505 Switch Chassis JC125A HP A9512 Switch Chassis JC125B HP 9512 Switch Chassis JC474A HP A9508-V Switch Chassis JC474B HP 9508-V Switch Chassis H3C S9505E Routing-Switch Chassis (0235A0G6) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9512E Routing-Switch Chassis (0235A0G7) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9505E Chassis w/ Fans (0235A38P) H3C S9512E Chassis w/ Fans (0235A38R)
Router 8800 Fix in progress use mitigations JC147A HP A8802 Router Chassis JC147B HP 8802 Router Chassis JC148A HP A8805 Router Chassis JC148B HP 8805 Router Chassis JC149A HP A8808 Router Chassis JC149B HP 8808 Router Chassis JC150A HP A8812 Router Chassis JC150B HP 8812 Router Chassis JC141A HP 8802 Main Control Unit Module JC138A HP 8805/08/12 (1E) Main Cntrl Unit Mod JC137A HP 8805/08/12 (2E) Main Cntrl Unit Mod H3C SR8805 10G Core Router Chassis (0235A0G8) H3C SR8808 10G Core Router Chassis (0235A0G9) H3C SR8812 10G Core Router Chassis (0235A0GA) H3C SR8802 10G Core Router Chassis (0235A0GC) H3C SR8802 10G Core Router Chassis (0235A31B) H3C SR8805 10G Core Router Chassis (0235A31C) H3C SR8808 10G Core Router Chassis (0235A31D) H3C SR8812 10G Core Router Chassis (0235A31E)
7500 Switch Series Fix in progress use mitigations JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T JC697A HP A7502 TAA Main Processing Unit JC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE JC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE JC700A HP A7500 384 Gbps TAA Fabric / MPU JC701A HP A7510 768 Gbps TAA Fabric / MPU JD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports JD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports JD194A HP 384 Gbps Fabric A7500 Module JD194B HP 7500 384Gbps Fabric Module JD195A HP 7500 384Gbps Advanced Fabric Module JD196A HP 7502 Fabric Module JD220A HP 7500 768Gbps Fabric Module JD238A HP A7510 Switch Chassis JD238B HP 7510 Switch Chassis JD239A HP A7506 Switch Chassis JD239B HP 7506 Switch Chassis JD240A HP A7503 Switch Chassis JD240B HP 7503 Switch Chassis JD241A HP A7506 Vertical Switch Chassis JD241B HP 7506-V Switch Chassis JD242A HP A7502 Switch Chassis JD242B HP 7502 Switch Chassis JD243A HP A7503 Switch Chassis w/1 Fabric Slot JD243B HP 7503-S Switch Chassis w/1 Fabric Slot H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4) H3C S7503E Ethernet Switch Chassis with Fan (0235A0G2) H3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5) H3C S7506E Ethernet Switch Chassis with Fan (0235A0G1) H3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3) H3C S7510E Ethernet Switch Chassis with Fan (0235A0G0) H3C S7502E Chassis w/ fans (0235A29A) H3C S7503E Chassis w/ fans (0235A27R) H3C S7503E-S Chassis w/ fans (0235A33R) H3C S7506E Chassis w/ fans (0235A27Q) H3C S7506E-V Chassis w/ fans (0235A27S)
HSR6800 Fix in progress use mitigations JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6800 Russian Version Fix in progress use mitigations JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6602 Fix in progress use mitigations JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
HSR6602 Russian Version Fix in progress use mitigations JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
A6600 Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
A6600 Russian Version Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP Russian Version Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
5920 Switch Series Fix in progress use mitigations JG296A HP 5920AF-24XG Switch JG555A HP 5920AF-24XG TAA Switch
5900 Switch Series Fix in progress use mitigations JC772A HP 5900AF-48XG-4QSFP+ Switch JG336A HP 5900AF-48XGT-4QSFP+ Switch JG510A HP 5900AF-48G-4XG-2QSFP+ Switch JG554A HP 5900AF-48XG-4QSFP+ TAA Switch JG838A HP FF 5900CP-48XG-4QSFP+ Switch
5900 Virtual Switch Fix in progress use mitigations JG814AAE HP Virtual Switch 5900v VMware E-LTU JG815AAE HP VSO SW for 5900v VMware E-LTU
5830 Switch Series Fix in progress use mitigations JC691A HP A5830AF-48G Switch w/1 Interface Slot JC694A HP A5830AF-96G Switch JG316A HP 5830AF-48G TAA Switch w/1 Intf Slot JG374A HP 5830AF-96G TAA Switch
5820 Switch Series Fix in progress use mitigations JC102A HP 5820-24XG-SFP+ Switch JC106A HP 5820-14XG-SFP+ Switch with 2 Slots JG219A HP 5820AF-24XG Switch JG243A HP 5820-24XG-SFP+ TAA-compliant Switch JG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media modules Plus OSM (0235A37L) H3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T (RJ45) (0235A370)
5800 Switch Series Fix in progress use mitigations JC099A HP 5800-24G-PoE Switch JC100A HP 5800-24G Switch JC101A HP 5800-48G Switch with 2 Slots JC103A HP 5800-24G-SFP Switch JC104A HP 5800-48G-PoE Switch JC105A HP 5800-48G Switch JG225A HP 5800AF-48G Switch JG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots JG254A HP 5800-24G-PoE+ TAA-compliant Switch JG255A HP 5800-24G TAA-compliant Switch JG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt JG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot JG258A HP 5800-48G TAA Switch w 1 Intf Slot H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot (0235A36U) H3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X (SFP Plus ) Plus 1 media module PoE (0235A36S) H3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus media module (no power) (0235A374) H3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus ) Plus media module (0235A379) H3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module (0235A378) H3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM (0235A36W)
5500 HI Switch Series Fix in progress use mitigations JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch JG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch JG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt JG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt JG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt JG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt JG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt JG681A HP 5500-24G-SFP HI TAA Swch w/2Slt
5500 EI Switch Series Fix in progress use mitigations JD373A HP 5500-24G DC EI Switch JD374A HP 5500-24G-SFP EI Switch JD375A HP 5500-48G EI Switch JD376A HP 5500-48G-PoE EI Switch JD377A HP 5500-24G EI Switch JD378A HP 5500-24G-PoE EI Switch JD379A HP 5500-24G-SFP DC EI Switch JG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts JG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts JG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts JG250A HP 5500-24G EI TAA Switch w 2 Intf Slts JG251A HP 5500-48G EI TAA Switch w 2 Intf Slts JG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts JG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts H3C S5500-28C-EI Ethernet Switch (0235A253) H3C S5500-28F-EI Eth Switch AC Single (0235A24U) H3C S5500-52C-EI Ethernet Switch (0235A24X) H3C S5500-28C-EI-DC Ethernet Switch (0235A24S) H3C S5500-28C-PWR-EI Ethernet Switch (0235A255) H3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259) H3C S5500-52C-PWR-EI Ethernet Switch (0235A251)
5500 SI Switch Series Fix in progress use mitigations JD369A HP 5500-24G SI Switch JD370A HP 5500-48G SI Switch JD371A HP 5500-24G-PoE SI Switch JD372A HP 5500-48G-PoE SI Switch JG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts JG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts H3C S5500-28C-SI Ethernet Switch (0235A04U) H3C S5500-52C-SI Ethernet Switch (0235A04V) H3C S5500-28C-PWR-SI Ethernet Switch (0235A05H) H3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)
5120 EI Switch Series Fix in progress use mitigations JE066A HP 5120-24G EI Switch JE067A HP 5120-48G EI Switch JE068A HP 5120-24G EI Switch with 2 Slots JE069A HP 5120-48G EI Switch with 2 Slots JE070A HP 5120-24G-PoE EI Switch with 2 Slots JE071A HP 5120-48G-PoE EI Switch with 2 Slots JG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts JG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts JG245A HP 5120-24G EI TAA Switch w 2 Intf Slts JG246A HP 5120-48G EI TAA Switch w 2 Intf Slts JG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts JG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ) H3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS) H3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR) H3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT) H3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU) H3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)
5120 SI switch Series Fix in progress use mitigations JE072A HP 5120-48G SI Switch JE073A HP 5120-16G SI Switch JE074A HP 5120-24G SI Switch JG091A HP 5120-24G-PoE+ (370W) SI Switch JG092A HP 5120-24G-PoE+ (170W) SI Switch H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W) H3C S5120-20P-SI L2 16GE Plus 4SFP (0235A42B) H3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D) H3C S5120-28P-HPWR-SI (0235A0E5) H3C S5120-28P-PWR-SI (0235A0E3)
4800 G Switch Series Fix in progress use mitigations JD007A HP 4800-24G Switch JD008A HP 4800-24G-PoE Switch JD009A HP 4800-24G-SFP Switch JD010A HP 4800-48G Switch JD011A HP 4800-48G-PoE Switch
3Com Switch 4800G 24-Port (3CRS48G-24-91) 3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91) 3Com Switch 4800G 48-Port (3CRS48G-48-91) 3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91) 3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)
4510G Switch Series Fix in progress use mitigations JF428A HP 4510-48G Switch JF847A HP 4510-24G Switch
3Com Switch 4510G 48 Port (3CRS45G-48-91) 3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91) 3Com Switch E4510-24G (3CRS45G-24-91)
4210G Switch Series Fix in progress use mitigations JF844A HP 4210-24G Switch JF845A HP 4210-48G Switch JF846A HP 4210-24G-PoE Switch
3Com Switch 4210-24G (3CRS42G-24-91) 3Com Switch 4210-48G (3CRS42G-48-91) 3Com Switch E4210-24G-PoE (3CRS42G-24P-91)
3610 Switch Series Fix in progress use mitigations JD335A HP 3610-48 Switch JD336A HP 3610-24-4G-SFP Switch JD337A HP 3610-24-2G-2G-SFP Switch JD338A HP 3610-24-SFP Switch H3C S3610-52P - model LS-3610-52P-OVS (0235A22C) H3C S3610-28P - model LS-3610-28P-OVS (0235A22D) H3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E) H3C S3610-28F - model LS-3610-28F-OVS (0235A22F)
3600 V2 Switch Series Fix in progress use mitigations JG299A HP 3600-24 v2 EI Switch JG300A HP 3600-48 v2 EI Switch JG301A HP 3600-24-PoE+ v2 EI Switch JG301B HP 3600-24-PoE+ v2 EI Switch JG302A HP 3600-48-PoE+ v2 EI Switch JG302B HP 3600-48-PoE+ v2 EI Switch JG303A HP 3600-24-SFP v2 EI Switch JG304A HP 3600-24 v2 SI Switch JG305A HP 3600-48 v2 SI Switch JG306A HP 3600-24-PoE+ v2 SI Switch JG306B HP 3600-24-PoE+ v2 SI Switch JG307A HP 3600-48-PoE+ v2 SI Switch JG307B HP 3600-48-PoE+ v2 SI Switch
3100V2 Fix in progress use mitigations JD313B HP 3100-24-PoE v2 EI Switch JD318B HP 3100-8 v2 EI Switch JD319B HP 3100-16 v2 EI Switch JD320B HP 3100-24 v2 EI Switch JG221A HP 3100-8 v2 SI Switch JG222A HP 3100-16 v2 SI Switch JG223A HP 3100-24 v2 SI Switch
3100V2-48 Fix in progress use mitigations JG315A HP 3100-48 v2 Switch
1910 Fix in progress use mitigations JE005A HP 1910-16G Switch JE006A HP 1910-24G Switch JE007A HP 1910-24G-PoE (365W) Switch JE008A HP 1910-24G-PoE(170W) Switch JE009A HP 1910-48G Switch JG348A HP 1910-8G Switch JG349A HP 1910-8G-PoE+ (65W) Switch JG350A HP 1910-8G-PoE+ (180W) Switch 3Com Baseline Plus Switch 2900 Gigabit Family - 52 port (3CRBSG5293) 3Com Baseline Plus Switch 2900G - 20 port (3CRBSG2093) 3Com Baseline Plus Switch 2900G - 28 port (3CRBSG2893) 3Com Baseline Plus Switch 2900G - 28HPWR (3CRBSG28HPWR93) 3Com Baseline Plus Switch 2900G - 28PWR (3CRBSG28PWR93)
1810v1 P2 Fix in progress use mitigations J9449A HP 1810-8G Switch J9450A HP 1810-24G Switch
1810v1 PK Fix in progress use mitigations J9660A HP 1810-48G Switch
MSR20 Fix in progress use mitigations JD432A HP A-MSR20-21 Multi-Service Router JD662A HP MSR20-20 Multi-Service Router JD663A HP MSR20-21 Multi-Service Router JD663B HP MSR20-21 Router JD664A HP MSR20-40 Multi-Service Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326) H3C MSR 20-20 (0235A19H) H3C MSR 20-21 (0235A325) H3C MSR 20-40 (0235A19K) H3C MSR-20-21 Router (0235A19J)
MSR20-1X Fix in progress use mitigations JD431A HP MSR20-10 Router JD667A HP MSR20-15 IW Multi-Service Router JD668A HP MSR20-13 Multi-Service Router JD669A HP MSR20-13 W Multi-Service Router JD670A HP MSR20-15 A Multi-Service Router JD671A HP MSR20-15 AW Multi-Service Router JD672A HP MSR20-15 I Multi-Service Router JD673A HP MSR20-11 Multi-Service Router JD674A HP MSR20-12 Multi-Service Router JD675A HP MSR20-12 W Multi-Service Router JD676A HP MSR20-12 T1 Multi-Service Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router JG209A HP MSR20-12-T-W Router (NA) JG210A HP MSR20-13-W Router (NA) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) H3C MSR 20-10 (0235A0A7) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-11 (0235A31V) H3C MSR 20-12 (0235A32E) H3C MSR 20-12 T1 (0235A32B) H3C MSR 20-13 (0235A31W) H3C MSR 20-13 W (0235A31X) H3C MSR 20-15 A (0235A31Q) H3C MSR 20-15 A W (0235A31R) H3C MSR 20-15 I (0235A31N) H3C MSR 20-15 IW (0235A31P) H3C MSR20-12 W (0235A32G)
MSR30 Fix in progress use mitigations JD654A HP MSR30-60 POE Multi-Service Router JD657A HP MSR30-40 Multi-Service Router JD658A HP MSR30-60 Multi-Service Router JD660A HP MSR30-20 POE Multi-Service Router JD661A HP MSR30-40 POE Multi-Service Router JD666A HP MSR30-20 Multi-Service Router JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF232A HP RT-MSR3040-AC-OVS-AS-H3 JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S) H3C MSR 30-20 (0235A19L) H3C MSR 30-20 POE (0235A239) H3C MSR 30-40 (0235A20J) H3C MSR 30-40 POE (0235A25R) H3C MSR 30-60 (0235A20K) H3C MSR 30-60 POE (0235A25S) H3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)
MSR30-16 Fix in progress use mitigations JD659A HP MSR30-16 POE Multi-Service Router JD665A HP MSR30-16 Multi-Service Router JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) H3C MSR 30-16 (0235A237) H3C MSR 30-16 POE (0235A238)
MSR30-1X Fix in progress use mitigations JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) H3C RT-MSR3011-AC-OVS-H3 (0235A29L)
MSR50 Fix in progress use mitigations JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR5040-DC-OVS-H3C (0235A20P) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L)
MSR50-G2 Fix in progress use mitigations JD429A HP MSR50 G2 Processor Module JD429B HP MSR50 G2 Processor Module H3C H3C MSR 50 Processor Module-G2 (0231A84Q) H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD(0231A0KL)
MSR20 Russian version Fix in progress use mitigations JD663B HP MSR20-21 Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326)
MSR20-1X Russian version Fix in progress use mitigations JD431A HP MSR20-10 Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router H3C MSR 20-10 (0235A0A7) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)
MSR30 Russian version Fix in progress use mitigations JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)
MSR30-1X Russian version Fix in progress use mitigations JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C RT-MSR3011-AC-OVS-H3 (0235A29L) H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)
MSR30-16 Russian version Fix in progress use mitigations JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)
MSR50 Russian version Fix in progress use mitigations JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR 50 Processor Module (0231A791) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR5040-DC-OVS-H3C (0235A20P)
MSR50 G2 Russian version Fix in progress use mitigations JD429B HP MSR50 G2 Processor Module H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD (0231A0KL)
MSR9XX Fix in progress use mitigations JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr JG207A HP MSR900-W Router (NA) JG208A HP MSR920-W Router (NA) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)
MSR9XX Russian version Fix in progress use mitigations JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)
MSR93X Fix in progress use mitigations JG511A HP MSR930 Router JG512A HP MSR930 Wireless Router JG513A HP MSR930 3G Router JG514A HP MSR931 Router JG515A HP MSR931 3G Router JG516A HP MSR933 Router JG517A HP MSR933 3G Router JG518A HP MSR935 Router JG519A HP MSR935 Wireless Router JG520A HP MSR935 3G Router JG531A HP MSR931 Dual 3G Router JG596A HP MSR930 4G LTE/3G CDMA Router JG597A HP MSR936 Wireless Router JG665A HP MSR930 4G LTE/3G WCDMA Global Router JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
MSR93X Russian version Fix in progress use mitigations JG511A HP MSR930 Router JG512A HP MSR930 Wireless Router JG513A HP MSR930 3G Router JG514A HP MSR931 Router JG515A HP MSR931 3G Router JG516A HP MSR933 Router JG517A HP MSR933 3G Router JG518A HP MSR935 Router JG519A HP MSR935 Wireless Router JG520A HP MSR935 3G Router JG531A HP MSR931 Dual 3G Router JG596A HP MSR930 4G LTE/3G CDMA Router JG597A HP MSR936 Wireless Router JG665A HP MSR930 4G LTE/3G WCDMA Global Router JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
MSR1000 Fix in progress use mitigations JG732A HP MSR1003-8 AC Router
MSR2000 Fix in progress use mitigations JG411A HP MSR2003 AC Router
MSR3000 Fix in progress use mitigations JG404A HP MSR3064 Router JG405A HP MSR3044 Router JG406A HP MSR3024 AC Router JG409A HP MSR3012 AC Router JG861A HP MSR3024 TAA-compliant AC Router
MSR4000 Fix in progress use mitigations JG402A HP MSR4080 Router Chassis JG403A HP MSR4060 Router Chassis JG412A HP MSR4000 MPU-100 Main Processing Unit
F5000 Fix in progress use mitigations JG216A HP F5000 Firewall Standalone Chassis JD259A HP A5000-A5 VPN Firewall Chassis H3C SecPath F5000-A5 Host System (0150A0AG)
U200S and CS Fix in progress use mitigations JD268A HP 200-CS UTM Appliance JD273A HP U200-S UTM Appliance H3C SecPath U200-S (0235A36N)
U200A and M Fix in progress use mitigations JD274A HP 200-M UTM Appliance JD275A HP U200-A UTM Appliance H3C SecPath U200-A (0235A36Q)
F1000A and S Fix in progress use mitigations JD270A HP S1000-S VPN Firewall Appliance JD271A HP S1000-A VPN Firewall Appliance JG213A HP F1000-S-EI VPN Firewall Appliance JG214A HP F1000-A-EI VPN Firewall Appliance
SecBlade FW Fix in progress use mitigations JC635A HP 12500 VPN Firewall Module JD245A HP 9500 VPN Firewall Module JD249A HP 10500/7500 Advanced VPN Firewall Mod JD250A HP 6600 Firewall Processing Rtr Module JD251A HP 8800 Firewall Processing Module JD255A HP 5820 VPN Firewall Module H3C S9500E SecBlade VPN Firewall Module (0231A0AV) H3C S7500E SecBlade VPN Firewall Module (0231A832) H3C SR66 Gigabit Firewall Module (0231A88A) H3C SR88 Firewall Processing Module (0231A88L) H3C S5820 SecBlade VPN Firewall Module (0231A94J)
F1000E Fix in progress use mitigations JD272A HP S1000-E VPN Firewall Appliance
VSR1000 Fix in progress use mitigations JG810AAE HP VSR1001 Virtual Services Router JG811AAE HP VSR1001 Virtual Services Router JG812AAE HP VSR1004 Virtual Services Router JG813AAE HP VSR1008 Virtual Services Router
WX5002/5004 Fix in progress use mitigations JD441A HP 5800 ACM for 64-256 APs JD447B HP WX5002 Access Controller JD448A HP A-WX5004 Access Controller JD448B HP WX5004 Access Controller JD469A HP A-WX5004 (3Com) Access Controller JG261A HP 5800 Access Controller OAA TAA Mod
HP 850/870 Fix in progress use mitigations JG723A HP 870 Unified Wired-WLAN Appliance JG725A HP 870 Unifd Wrd-WLAN TAA Applnc
HP 830 Fix in progress use mitigations JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch JG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch JG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch JG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch
HP 6000 Fix in progress use mitigations JG639A HP 10500/7500 20G Unified Wired-WLAN Mod JG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod
M220 Fix in progress use mitigations J9798A HP M220 802.11n AM Access Point J9799A HP M220 802.11n WW Access Point
NGFW Fix in progress use mitigations JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic JC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic JC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic JC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic JC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic
iMC UAM 7.0 Fix in progress use mitigations JD144A HP IMC UAM S/W Module w/200-User License JF388A HP IMC UAM S/W Module w/200-user License JD435A HP IMC EAD Client Software JF388AAE HP IMC UAM S/W Module w/200-user E-LTU JG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU
iMC EAD 7.0 Fix in progress use mitigations JF391AAE HP IMC EAD S/W Module w/200-user E-LTU JG754AAE HP IMC EAD SW Module w/ 50-user E-LTU JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License JF391A HP IMC EAD S/W Module w/200-user License
iMC PLAT 7.0 Fix in progress use mitigations JF377AAE HP IMC Standard Edition Software Platform with 100-node E-LTU JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU JG747AAE HP IMC Standard Software Platform with 50-node E-LTU JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU JD125A HP IMC Standard Edition Software Platform with 100-node License JD815A HP IMC Standard Edition Software Platform with 100-node License JD816A HP A-IMC Standard Edition Software DVD Media JF377A HP IMC Standard Edition Software Platform with 100-node License JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU TJ635AAE HP IMC for ANM 50 node pack SW E-LTU (On HP Softwares CPL not HPNs) JF378AAE HP IMC Enterprise Edition Software Platform with 200-Node E-LTU JG748AAE HP IMC Enterprise Software Platform with 50-node E-LTU JD126A HP A-IMC Enterprise Software Platform with 200-node License JD808A HP A-IMC Enterprise Software Platform with 200-node License JD814A HP A-IMC Enterprise Edition Software DVD Media JF378A HP IMC Enterprise Edition Software Platform with 200-node License JG546AAE HP IMC Basic SW Platform w/50-node E-LTU JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU JG550AAE HP PMM to IMC Bsc WLM Upgr w/150 AP E-LTU JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU JG659AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU JG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU JG660AAE HP IMC Smart Connect w / WLAN Manager Virtual Appliance Edition E-LTU JG767AAE HP IMC Smart Connect with Wireless Service Manager Virtual Appliance Software E-LTU
HISTORY Version:1 (rev.1) - 20 June 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlOkrM4ACgkQ4B86/C0qfVn7/QCeK5T1H9dXfVQgIKSr5USqLmvq CtMAnjujH7e5aXfIOvxyyuB0FcSwIWCM =CEL7 -----END PGP SIGNATURE----- . OpenSSL is a 3rd party product that is embedded with some HP printer products. This bulletin notifies HP Printer customers about impacted products. To obtain the updated firmware, go to www.hp.com and follow these steps:
Select "Drivers & Software". Enter the appropriate product name listed in the table below into the search field. Click on "Search". Click on the appropriate product. Under "Select operating system" click on "Cross operating system (BIOS, Firmware, Diagnostics, etc.)" Note: If the "Cross operating system ..." link is not present, select applicable Windows operating system from the list. Select the appropriate firmware update under "Firmware".
Firmware Updates Table
Product Name Model Number Firmware Revision
HP Color LaserJet CM4540 MFP CC419A, CC420A, CC421A v 2302963_436067 (or higher)
HP Color LaserJet CP5525 CE707A,CE708A,CE709A v 2302963_436070 (or higher)
HP Color LaserJet Enterprise M750 D3L08A, D3L09A, D3L10A v 2302963_436077 (or higher)
HP Color LaserJet M651 CZ255A, CZ256A, CZ257A, CZ258A v 2302963_436073 (or higher)
HP Color LaserJet M680 CZ248A, CZ249A v 2302963_436072 (or higher)
HP Color LaserJet Flow M680 CZ250A, CA251A v 2302963_436072 (or higher)
HP LaserJet Enterprise 500 color MFP M575dn CD644A, CD645A v 2302963_436081 (or higher)
HP LaserJet Enterprise 500 MFP M525f CF116A, CF117A v 2302963_436069 (or higher)
HP LaserJet Enterprise 600 M601 Series CE989A, CE990A v 2302963_436082 (or higher)
HP LaserJet Enterprise 600 M602 Series CE991A, CE992A, CE993A v 2302963_436082 (or higher)
HP LaserJet Enterprise 600 M603 Series CE994A, CE995A, CE996A v 2302963_436082 (or higher)
HP LaserJet Enterprise MFP M630 series B3G84A, B3G85A, B3G86A, J7X28A v 2303714_233000041 (or higher)
HP LaserJet Enterprise 700 color M775 series CC522A, CC523A, CC524A, CF304A v 2302963_436079 (or higher)
HP LaserJet Enterprise 700 M712 series CF235A, CF236A, CF238A v 2302963_436080 (or higher)
HP LaserJet Enterprise 800 color M855 A2W77A, A2W78A, A2W79A v 2302963_436076 (or higher)
HP LaserJet Enterprise 800 color MFP M880 A2W76A, A2W75A, D7P70A, D7P71A v 2302963_436068 (or higher)
HP LaserJet Enterprise Color 500 M551 Series CF081A,CF082A,CF083A v 2302963_436083 (or higher)
HP LaserJet Enterprise color flow MFP M575c CD646A v 2302963_436081 (or higher)
HP LaserJet Enterprise flow M830z MFP CF367A v 2302963_436071 (or higher)
HP LaserJet Enterprise flow MFP M525c CF118A v 2302963_436069 (or higher)
HP LaserJet Enterprise M4555 MFP CE502A,CE503A, CE504A, CE738A v 2302963_436064 (or higher)
HP LaserJet Enterprise M806 CZ244A, CZ245A v 2302963_436075 (or higher)
HP LaserJet Enterprise MFP M725 CF066A, CF067A, CF068A, CF069A v 2302963_436078 (or higher)
HP Scanjet Enterprise 8500 Document Capture Workstation L2717A, L2719A v 2302963_436065 (or higher)
OfficeJet Enterprise Color MFP X585 B5L04A, B5L05A,B5L07A v 2302963_436066 (or higher)
OfficeJet Enterprise Color X555 C2S11A, C2S12A v 2302963_436074 (or higher)
HP Color LaserJet CP3525 CC468A, CC469A, CC470A, CC471A v 06.183.1 (or higher)
HP LaserJet M4345 Multifunction Printer CB425A, CB426A, CB427A, CB428A v 48.306.1 (or higher)
HP LaserJet M5025 Multifunction Printer Q7840A v 48.306.1 (or higher)
HP Color LaserJet CM6040 Multifunction Printer Q3938A, Q3939A v 52.256.1 (or higher)
HP Color LaserJet Enterprise CP4525 CC493A, CC494A, CC495A v 07.164.1 (or higher)
HP Color LaserJet Enterprise CP4025 CC489A, CC490A v 07.164.1 (or higher)
HP LaserJet M5035 Multifunction Printer Q7829A, Q7830A, Q7831A v 48.306.1 (or higher)
HP LaserJet M9050 Multifunction Printer CC395A v 51.256.1 (or higher)
HP LaserJet M9040 Multifunction Printer CC394A v 51.256.1 (or higher)
HP Color LaserJet CM4730 Multifunction Printer CB480A, CB481A, CB482A, CB483A v 50.286.1 (or higher)
HP LaserJet M3035 Multifunction Printer CB414A, CB415A, CC476A, CC477A v 48.306.1 (or higher)
HP 9250c Digital Sender CB472A v 48.293.1 (or higher)
HP LaserJet Enterprise P3015 CE525A,CE526A,CE527A,CE528A,CE595A v 07.186.1 (or higher)
HP LaserJet M3027 Multifunction Printer CB416A, CC479A v 48.306.1 (or higher)
HP LaserJet CM3530 Multifunction Printer CC519A, CC520A v 53.236.1 (or higher)
HP Color LaserJet CP6015 Q3931A, Q3932A, Q3933A, Q3934A, Q3935A v 04.203.1 (or higher)
HP LaserJet P4515 CB514A,CB515A, CB516A, CB517A v 04.213.1 (or higher)
HP Color LaserJet CM6030 Multifunction Printer CE664A, CE665A v 52.256.1 (or higher)
HP LaserJet P4015 CB509A, CB526A, CB511A, CB510A v 04.213.1 (or higher)
HP LaserJet P4014 CB507A, CB506A, CB512A v 04.213.1 (or higher)
HISTORY Version:1 (rev.1) - 22 September 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0445",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "6.2.3"
},
{
"model": "jboss enterprise web server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "2.0.1"
},
{
"model": "jboss enterprise web platform",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "5.2.0"
},
{
"model": "power",
"scope": "eq",
"trust": 1.2,
"vendor": "ibm",
"version": "7200"
},
{
"model": "powerlinux 7r2",
"scope": "eq",
"trust": 1.2,
"vendor": "ibm",
"version": "0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "rox",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.16.1"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "application processing engine",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0.2"
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.4.2"
},
{
"model": "s7-1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.2.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.29"
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "2.7.8"
},
{
"model": "server",
"scope": "lt",
"trust": 1.0,
"vendor": "filezilla",
"version": "0.9.45"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.4.0"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4"
},
{
"model": "cp1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "2.7.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7100"
},
{
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7400"
},
{
"model": "powerlinux 7r1",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "0"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"model": "power express",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "junos 11.4r9",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7700"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.1"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.0"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5700"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7800"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7300"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7500"
},
{
"model": "junos 10.4s15",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "junos 13.2r2",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4r15",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "junos 13.3r1",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4s",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.4x27"
},
{
"model": "junos 11.4r8",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4r16",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "junos 12.1r7",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8o"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.110.6"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "power ps702",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.30"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.117"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.112"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.46"
},
{
"model": "chrome for android",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.141"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.1"
},
{
"model": "oncommand performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.10"
},
{
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.155"
},
{
"model": "laserjet pro color printer m251n/nw cf147a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "horizon view feature pack",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2.2"
},
{
"model": "vsphere virtual disk development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "fortimanager",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "laserjet p2055 printer series ce460a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.35"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datafort e-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571471.43"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "junos 11.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.4"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.6.10"
},
{
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos space ja1500 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571431.43"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "laserjet printer series q7543a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"model": "laserjet enterprise flow mfp m525c cf118a 2302963 436069",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.20"
},
{
"model": "fortios b0537",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.06"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "laserjet enterprise m806 cz244a 2302963 436075",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.3"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "9.1-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "laserjet enterprise color m775 series cf304a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "fortirecorder",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.4.2"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.00"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.3.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.32"
},
{
"model": "laserjet enterprise mfp m525f cf117a 2302963 436069",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "laserjet enterprise color m775 series cc522a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "secure analytics 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet enterprise color mfp m880 d7p70a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.6"
},
{
"model": "laserjet pro color mfp m276n/nw cf145a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.1.100.3"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "laserjet m9050 multifunction printer cc395a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310025820"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "34.0"
},
{
"model": "junos 13.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "integrity superdome and hp converged system for sap hana",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x9005.50.12"
},
{
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.20"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.3"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.8"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "sdn for virtual environments",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.2"
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7400"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.38"
},
{
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "snapprotect",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "junos r8-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.34"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "color laserjet enterprise cp4525 cc495a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.49"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.342"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "oneview",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.10"
},
{
"model": "laserjet enterprise mfp m725 cf069a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.53"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.0.1"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.48"
},
{
"model": "nvp",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.2.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.1"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "tekelec hlr router",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "open systems snapvault agent",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "laserjet p4515 cb515a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "laserjet pro mfp m425dn/dw cf286a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020140919"
},
{
"model": "laserjet enterprise m712 series cf236a 2302963 436080",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.49"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "idol speech software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.5.0.16091"
},
{
"model": "laserjet enterprise color m551 series cf082a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.124"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.32"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.14"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "laserjet enterprise mfp m725 cf066a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "wx5002/5004 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "netscaler 9.3.e",
"scope": null,
"trust": 0.3,
"vendor": "citrix",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.71"
},
{
"model": "laserjet m9040 multifunction printer cc394a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51.256.1"
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.46"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "junos space 13.3r1.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.4"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise communications broker pcz2.0.0m4p5",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.1"
},
{
"model": "aura application server sip core pb23",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "vsr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.33"
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os beta",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.130.14"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.14"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.16"
},
{
"model": "junos r4-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.128.3"
},
{
"model": "virtuozzo containers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "4.6"
},
{
"model": "laserjet p4015 cb526a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "laserjet enterprise mfp m630 series j7x28a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "laserjet p3005 printer series q7813a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.4"
},
{
"model": "vsphere virtual disk development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.24"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.37"
},
{
"model": "10.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "710/7300"
},
{
"model": "vdi-in-a-box",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.8"
},
{
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.08"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.4"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "0"
},
{
"model": "nextscale nx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54550"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.52"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.110"
},
{
"model": "network connect 8.0r3.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system chassis management module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.8"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0"
},
{
"model": "p2000 g3 msa array system ts251p006",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "laserjet printer series q5404a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.5"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "flex system p270",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.04"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.10"
},
{
"model": "laserjet p4015 cb509a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.2"
},
{
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "endeca information discovery studio",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.18"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.3"
},
{
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.5"
},
{
"model": "laserjet m5035 multifunction printer q7829a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.38"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2.3"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "laserjet enterprise m602 series ce992a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "fortiwifi",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "laserjet enterprise m712 series cf238a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.4"
},
{
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087220"
},
{
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "content analysis system software",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.5.5"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.14"
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.7"
},
{
"model": "(comware family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12500v7)0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.11"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.50"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v5000-"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.72"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "intelligencecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "strm 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "financial services lending and leasing",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "14.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "fortimail build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8546"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.55"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "9.0.3"
},
{
"model": "sbr global enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "color laserjet printer series q7533a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.19"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "power ps700",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.7"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "laserjet enterprise m712 series cf235a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "color laserjet cp5525 ce708a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.12"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura application server sip core pb28",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.2"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.48"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.5.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.41"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.63"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.9"
},
{
"model": "secure analytics 2014.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet cm4540 mfp cc421a 2302963 436067",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "color laserjet cp6015 q3934a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.6"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.24"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "p2000 g3 msa array system ts251p005",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "idol software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.8"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "key",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.14"
},
{
"model": "laserjet p4515 cb515a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "worklight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "laserjet enterprise color m775 series cc523a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.01"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1"
},
{
"model": "power 780",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "watson explorer security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056340"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.53"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"model": "junos 12.2r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.7"
},
{
"model": "u200s and cs family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "security threat response manager 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.71"
},
{
"model": "pulse desktop 5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.2"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.7"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "winscp",
"scope": "ne",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.4"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.04"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.02"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "laserjet m3035 multifunction printer cc476a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3"
},
{
"model": "color laserjet m651 cz258a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.4.1"
},
{
"model": "9.3-beta1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "junos 12.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "message networking sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "officejet enterprise color mfp b5l05a 2302963 436066",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x585"
},
{
"model": "color laserjet cm4540 mfp cc420a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "dgs-1210-52",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.025"
},
{
"model": "ngfw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.57"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "msr9xx russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.14"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.3"
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.1"
},
{
"model": "ive os 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"model": "laserjet enterprise m806 cz244a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "usage meter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.3"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.73"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.4.2.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.3"
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.56"
},
{
"model": "horizon mirage edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.4.2"
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "virtuozzo containers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "4.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet cm4730 multifunction printer cb480a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.54"
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "laserjet enterprise p3015 ce527a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.8"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.014"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.154"
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.4"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "laserjet cm3530 multifunction printer cc519a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "laserjet pro color mfp m276n/nw cf144a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"model": "color laserjet cm4730 multifunction printer cb481a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "email appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.7.0.0"
},
{
"model": "email security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.43"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.13"
},
{
"model": "junos 12.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.4"
},
{
"model": "network connect 7.4r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msa storage gl200r007",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1040"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.4"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.10"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "rox",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16.1"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet p4014 cb506a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "system x3500m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73801.42"
},
{
"model": "licensing",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325025830"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.53"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "idol image server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.7"
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.2.1-x"
},
{
"model": "watson explorer security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "laserjet enterprise color m551 series cf081a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.0"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.2"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "laserjet enterprise color m855 a2w78a 2302963 436076",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.2"
},
{
"model": "color laserjet printer series q5984a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "simatic cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1"
},
{
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056330"
},
{
"model": "color laserjet cp5525 ce707a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73231.42"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3-66.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.23"
},
{
"model": "laserjet p4014 cb507a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "bladecenter js43 with feature code",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x8446)0"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.18"
},
{
"model": "junos space 11.4r5.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system storage ts2900 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0026"
},
{
"model": "junos 12.1r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "8.4-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netcool/system service monitor fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.014"
},
{
"model": "exalogic",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x2-22.0.6.2.0"
},
{
"model": "color laserjet m680 cz248a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "bbm for android",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.46"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.6.0"
},
{
"model": "color laserjet enterprise cp4025 cc489a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "laserjet m3027 multifunction printer cb416a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "laserjet pro mfp m425dn/dw cf288a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020140919"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "junos 12.1r5-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363071580"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.29"
},
{
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.30"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.1"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1.1"
},
{
"model": "content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "vsphere storage appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "elan",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "8.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.15"
},
{
"model": "tivoli storage productivity center fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0"
},
{
"model": "laserjet m5035 multifunction printer q7831a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "2.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "msr2000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "email security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "color laserjet printer series cb433a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "laserjet enterprise m712 series cf236a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "communicator for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "color laserjet printer series q7535a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "8.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.7"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "bladecenter js12 express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-60x)0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.12"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "laserjet multifunction printer series q3943a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet p4015 cb526a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "cms r16 r6",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73271.42"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.115"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.52"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3.2.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.12"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.0"
},
{
"model": "color laserjet cp3505 printer series ce491a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "laserjet m5035 multifunction printer q7830a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4.0.15779"
},
{
"model": "color laserjet cp3525 cc468a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura application server sip core pb5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "host agent for oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.0.12141"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.159"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.24"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.93"
},
{
"model": "color laserjet printer series q7495a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "a6600 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.817"
},
{
"model": "laserjet enterprise m602 series ce991a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "f5000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "color laserjet cm6030 multifunction printer ce664a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "9.2-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "color laserjet enterprise cp4025 cc489a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "network connect 7.4r9.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vcsa",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "color laserjet cp3525 cc471a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "laserjet enterprise flow mfp m525c cf118a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "laserjet enterprise color flow mfp m575c cd646a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet m3035 multifunction printer cb415a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "junos 10.4s13",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3"
},
{
"model": "laserjet cm3530 multifunction printer cc520a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.7"
},
{
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.44"
},
{
"model": "color laserjet cp5525 ce708a 2302963 436070",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cognos express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "pk family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "color laserjet cp6015 q3935a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "3par service processor sp-4.2.0.ga-29.p002",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.10"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise m602 series ce993a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.126"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "laserjet m4345 multifunction printer cb427a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "laserjet p4515 cb517a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "color laserjet cp5525 ce709a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet m5025 multifunction printer q7840a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet cp6015 q3933a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.20"
},
{
"model": "color laserjet flow m680 cz250a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 11.4r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.2"
},
{
"model": "color laserjet cp3505 printer series cb444a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.3"
},
{
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.10"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "color laserjet printer series cb432a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "cognos express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "horizon view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.00"
},
{
"model": "color laserjet multifunction printer series q7519a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.1.20"
},
{
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "malware analysis appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.31"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.00"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.6.2"
},
{
"model": "junos os 12.1x47-d15",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "junos 13.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vfabric application director",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.10"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.2"
},
{
"model": "cloud service automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.00"
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cluster network/management switches",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "vma san gateway g5.5.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "flex system p260 compute node /fc efd9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "system storage ts2900 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0025"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"model": "color laserjet cm6040 multifunction printer q3938a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "chargeback manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.6"
},
{
"model": "fortianalyzer",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2"
},
{
"model": "color laserjet m651 cz258a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5950"
},
{
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.4"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.7"
},
{
"model": "secblade fw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.42"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "bbm for iphone",
"scope": "ne",
"trust": 0.3,
"vendor": "rim",
"version": "2.2.1.24"
},
{
"model": "vsphere sdk for perl",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "laserjet enterprise color mfp m880 a2w76a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0.1650.59"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.1"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uacos c4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.2"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.7"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.125"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"model": "laserjet enterprise p3015 ce528a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "idol speech software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "color laserjet enterprise cp4525 cc494a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.7"
},
{
"model": "vcenter operations manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.8.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.5"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.30"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.51"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364160"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.4"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7080"
},
{
"model": "dgs-1500-52",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "junos 11.4r6-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet m9040 multifunction printer cc394a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "color laserjet cp3525 cc470a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.122"
},
{
"model": "laserjet pro color printer m251n/nw cf146a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "laserjet printer series q5401a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.47"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "power ps703 blade",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7891-73x)0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.3.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.36"
},
{
"model": "system storage ts3400 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0039"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.6"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.3.4"
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.2"
},
{
"model": "freedome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "fortios b0630",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.00"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.60"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.1.0"
},
{
"model": "oncommand unified manager host package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.14"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.1"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "flex system p270 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.52"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf285a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "crossbow",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "system x3650m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79471.42"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.0"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73281.42"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.16"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.39"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "color laserjet cm6040 multifunction printer q3939a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "color laserjet cp6015 q3933a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.76"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "10.0-release-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "laserjet m3027 multifunction printer cc479a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "laserjet multifunction printer series q3942a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "crossbow",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.2.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"model": "junos 10.4s14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.25"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "laserjet m4345 multifunction printer cb428a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uacos c4.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "color laserjet m651 cz255a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.16"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.11"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "storeever msl6480 tape library",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.40"
},
{
"model": "msr3000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"model": "color laserjet enterprise m750 d3l09a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space 13.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.013"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"model": "laserjet enterprise color m855 a2w79a 2302963 436076",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.67"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "operations automation",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "5.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.20"
},
{
"model": "4800g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "flex system p460",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.7"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.4"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.00"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.31"
},
{
"model": "laserjet enterprise m4555 mfp ce503a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.11"
},
{
"model": "sylpheed",
"scope": "ne",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.4.2"
},
{
"model": "host checker",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "junos space ja2500 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "laserjet m5035 multifunction printer q7831a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.10"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "receiver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.12"
},
{
"model": "secure work space",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "color laserjet cp6015 q3935a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.2"
},
{
"model": "color laserjet cm4730 multifunction printer cb482a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.37"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"model": "collaboration services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.49"
},
{
"model": "color laserjet cp6015 q3933a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.6"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.13"
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idol software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "9.0.3"
},
{
"model": "puredata system for hadoop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.02"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.169"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.4"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.26"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "laserjet printer series q5409a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "laserjet enterprise mfp m630 series b3g85a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.2"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.0"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "color laserjet multifunction printer series cb483a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dgs-1500-28p",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 11.4r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.1"
},
{
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.1"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.1"
},
{
"model": "laserjet multifunction printer series q3728a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.290.2"
},
{
"model": "junos space 12.3r2.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system x3650m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79451.42"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.36"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "color laserjet cp6015 q3932a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.9"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "vcloud networking and security",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.2"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "vsphere support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"model": "laserjet m4345 multifunction printer cb426a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.34"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.19"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.65"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.1"
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.7.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.16"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.011"
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.29"
},
{
"model": "storeever msl6480 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos os 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2"
},
{
"model": "3par service processor sp-4.3.0.ga-17.p001",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "laserjet printer series q5407a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "laserjet enterprise color mfp m880 a2w76a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "laserjet enterprise color m775 series cc524a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "laserjet p4515 cb515a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "junos 11.4r10-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.45"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.41"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.116"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.73"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.67"
},
{
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.015"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.09"
},
{
"model": "sbr carrier 8.0.0-r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.1"
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf399a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "color laserjet cp3525 cc469a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.1"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise color m775 series cc522a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "forticlient",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.614"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "asset manager 9.41.p1",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "cloudsystem enterprise software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0.2"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.6"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.57"
},
{
"model": "msr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.88"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.3"
},
{
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "utm manager",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.51"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.9"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3"
},
{
"model": "cloud server",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.16"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "system x3630m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73771.42"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.22"
},
{
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.4.1"
},
{
"model": "enterprise linux long life 5.9.server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "powerlinux 7r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "vcenter chargeback manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.6"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1.0.18193"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "color laserjet cp6015 q3931a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73211.42"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2"
},
{
"model": "infosphere balanced warehouse c4000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.123"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "jetdirect ew2500 802.11b/g wireless print server j8021a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.53"
},
{
"model": "color laserjet cm4730 multifunction printer cb483a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1"
},
{
"model": "junos r2-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.12"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7900.00"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.50"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.1"
},
{
"model": "client connector",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.91"
},
{
"model": "laserjet enterprise m4555 mfp ce738a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet cm4730 multifunction printer cb480a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4"
},
{
"model": "communicator for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "lifetime key management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.20"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.12"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "color laserjet cm4730 multifunction printer cb481a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf270a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "laserjet enterprise color m855 a2w78a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.15"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "strm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.26"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "infosphere balanced warehouse d5100",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "laserjet enterprise color m775 series cc523a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "laserjet p4014 cb507a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.0"
},
{
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.047.8"
},
{
"model": "enterprise linux server eus 6.4.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "vcd",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.11"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "laserjet enterprise color m551 series cf083a 2302963 436083",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.2"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet p2055 printer series ce456a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.01"
},
{
"model": "9250c digital sender cb472a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "netiq admininstration console server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1.131"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.2"
},
{
"model": "sparc m10-4",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "junos 13.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "software foundation python",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "3.5"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7100"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "laserjet enterprise color m855 a2w79a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0-76.7"
},
{
"model": "bbm for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.4"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "color laserjet cp6015 q3934a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8721"
},
{
"model": "color laserjet m651 cz257a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"model": "laserjet enterprise m4555 mfp ce502a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "vsphere virtual disk development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "ive os 8.0r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system storage ts2900 tape librray",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "0033"
},
{
"model": "laserjet enterprise m4555 mfp ce504a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "laserjet cm3530 multifunction printer cc519a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.9"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0-77.5"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "laserjet p3005 printer series q7816a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.6"
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet p4515 cb516a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.172"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "aura application server sip core pb19",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "bladecenter js22",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-61x)0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.15"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.65"
},
{
"model": "executive scorecard",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.41"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "infosphere balanced warehouse c3000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.6"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uacos c5.0",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "strm/jsa",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "z/tpf",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.10"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.40"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "laserjet enterprise color mfp m880 d7p70a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "laserjet p4515 cb514a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.55"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78361.42"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "fortirecorder",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.5"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cognos insight standalone fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "bladecenter js23",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x)0"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.5"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.0"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "msa storage gl200r007",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2040"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "command view server based management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.3.2"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "laserjet printer series q7697a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.161"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.6"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.5"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "9500e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise m712 series cf235a 2302963 436080",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "fortisandbox build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.3.086"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.4"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "23.0.1271.94"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "vcenter site recovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0.31"
},
{
"model": "dgs-1210-28p",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.043"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.75"
},
{
"model": "color laserjet m680 cz248a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.91"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x330073820"
},
{
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3-64.4"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.19"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "enterprise linux server eus 6.3.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0"
},
{
"model": "junos 10.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.10.140.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.32"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.3"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.5"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "laserjet p3005 printer series q7814a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"model": "ive os 7.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.21"
},
{
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "laserjet enterprise m4555 mfp ce503a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "msr9xx family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "vcenter site recovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.1"
},
{
"model": "nsx for multi-hypervisor",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1.2"
},
{
"model": "laserjet printer series q7698a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.63"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos os 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "scale out network attached storage",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.3"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.4"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.0.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087330"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.20"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet enterprise cp4525 cc493a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "executive scorecard",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.22"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.2"
},
{
"model": "websphere datapower b2b appliance xb62",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "laserjet multifunction printer series q3726a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.290.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.82"
},
{
"model": "color laserjet cp4005 printer series cb504a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "46.230.6"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0.74.4"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos space 12.3p2.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.85"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.60"
},
{
"model": "pulse desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "rational insight ifix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "laserjet m4345 multifunction printer cb425a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "laserjet enterprise m602 series ce991a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "malware analysis appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.2"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.126.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "color laserjet flow m680 ca251a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.4"
},
{
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.9"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "2.0"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.1"
},
{
"model": "bbm for android",
"scope": "ne",
"trust": 0.3,
"vendor": "rim",
"version": "2.2.1.40"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "virtual automation",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.68"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "color laserjet enterprise cp4025 cc490a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.34"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.50"
},
{
"model": "color laserjet multifunction printer series cb481a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "laserjet printer series q7545a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "junos 13.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2143"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet printer series q5406a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "forticlient build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0591"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.34"
},
{
"model": "studio",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.60"
},
{
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "laserjet enterprise mfp m525f cf116a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "color laserjet cp3525 cc468a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.2"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.10"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "ssl visibility",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.62"
},
{
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310054570"
},
{
"model": "vcd",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.3"
},
{
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "one-x mobile ces for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos os 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"model": "security analytics platform",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1.3"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 11.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.20"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "system x3500m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78391.42"
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "9.2"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet cp5525 ce707a 2302963 436070",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux els",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3500-"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.26"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "11.00"
},
{
"model": "color laserjet cm6030 multifunction printer ce664a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "9.20"
},
{
"model": "color laserjet cp3525 cc471a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.155"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space r1.8",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.4"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.11"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.70"
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "8.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087180"
},
{
"model": "laserjet enterprise p3015 ce526a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.50"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.14"
},
{
"model": "junos 12.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.4"
},
{
"model": "color laserjet cp6015 q3934a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.170"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3700-"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.92"
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "88704.76.0"
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "5.0"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.21"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x638370"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.85"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0"
},
{
"model": "color laserjet multifunction printer series cb480a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "vm virtualbox 4.2.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "color laserjet cm4540 mfp cc421a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.50"
},
{
"model": "color laserjet multifunction printer series cb482a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "laserjet multifunction printer series q3944a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.51"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.8"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "junos 10.4r14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1"
},
{
"model": "laserjet printer series q5403a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.56"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vcsa",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.343"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "color laserjet printer series q5982a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.4"
},
{
"model": "junos pulse 4.0r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.12"
},
{
"model": "cognos planning fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "junos -d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "p2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.28"
},
{
"model": "junos space 13.1r1.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3.1"
},
{
"model": "junos 10.0s25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73251.42"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.13"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.52"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.3"
},
{
"model": "color laserjet cm6040 multifunction printer q3939a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.18"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.28"
},
{
"model": "junos 10.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "vsphere storage appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.3"
},
{
"model": "laserjet p4015 cb511a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.1"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.36"
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.29"
},
{
"model": "datafort s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "core",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "management center",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2.1.1"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf274a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"model": "msr20-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.77"
},
{
"model": "8.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.17"
},
{
"model": "one-x mobile ces for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.4"
},
{
"model": "system x3650m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54541.42"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.7"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325054580"
},
{
"model": "cognos insight standalone",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"model": "junos 11.4r5-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 8.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.36"
},
{
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0"
},
{
"model": "fortiweb",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.1"
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.114"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.106"
},
{
"model": "lifetime key management software",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "vcenter converter standalone",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "color laserjet cm4730 multifunction printer cb482a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.22"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "horizon workspace server gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.89"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.07"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.56"
},
{
"model": "laserjet multifunction printer series q3945a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.15"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "executive scorecard",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.5"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.21"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.14"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.4"
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.21"
},
{
"model": "netiq identity server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "color laserjet enterprise cp4525 cc495a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.80"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.2"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.107"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "laserjet enterprise mfp m630 series b3g84a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.4"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "vcsa",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "color laserjet enterprise m750 d3l10a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.27"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.170"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "horizon workspace client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.20"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "laserjet m3035 multifunction printer cc476a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "laserjet enterprise flow m830z mfp cf367a 2302963 436071",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5750"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "config advisor",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "color laserjet cm4540 mfp cc420a 2302963 436067",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "color laserjet enterprise cp4525 cc494a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "laserjet enterprise mfp m725 cf067a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "color laserjet printer series q7492a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.9"
},
{
"model": "eucalyptus",
"scope": "eq",
"trust": 0.3,
"vendor": "eucalyptus",
"version": "4.0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet m680 cz249a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet m3035 multifunction printer cc477a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.1.0"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "fortimanager",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"model": "forticlient",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.22"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.0"
},
{
"model": "websphere datapower low latency appliance xm70",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.15"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cognos insight standalone fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "oncommand balance",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "f1000a and s family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "stunnel",
"scope": "ne",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.02"
},
{
"model": "u200a and m family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.57"
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"model": "officejet enterprise color c2s12a 2302963 436074",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x555"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70000"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.11"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.66"
},
{
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "color laserjet cm4540 mfp cc419a 2302963 436067",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.31"
},
{
"model": "vcenter converter standalone",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "infosphere master data management patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "hsr6602 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.44"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "one-x mobile for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.50"
},
{
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.14"
},
{
"model": "laserjet m4345 multifunction printer cb425a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.6"
},
{
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.07"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"model": "junos space 14.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.44"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.22"
},
{
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "color laserjet m651 cz255a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "scanjet enterprise document capture workstation l2717a 2302963 436065",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8500"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.19"
},
{
"model": "laserjet p4015 cb510a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.99"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.168"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"model": "cloudsystem foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0.2"
},
{
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 13.3r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.41"
},
{
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "vcd",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.6.2"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x638370"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "elan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "8.3.3"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.1"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.3"
},
{
"model": "laserjet enterprise color mfp m575dn cd645a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42511.42"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "laserjet enterprise m806 cz245a 2302963 436075",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.4"
},
{
"model": "suse core for",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9x86"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "horizon workspace server data",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025308"
},
{
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.81"
},
{
"model": "storage encryption",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.4"
},
{
"model": "laserjet m3027 multifunction printer cb416a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.99"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.108"
},
{
"model": "xenclient enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "laserjet enterprise mfp m630 series b3g84a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "netscaler ipmi/lom interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "msr20 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "85704.76.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.9"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet m680 cz249a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.62"
},
{
"model": "servicecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.30"
},
{
"model": "sparc m10-4s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "fortiauthenticator build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.1.060"
},
{
"model": "laserjet enterprise m601 series ce990a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "vcenter support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.14"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0"
},
{
"model": "sbr carrier 7.6.0-r10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.56"
},
{
"model": "hsr6800 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet printer series q7552a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "scanjet enterprise document capture workstation l2717a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "85000"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.39"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.0"
},
{
"model": "bladecenter js23/js43",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x)0"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.185"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.2"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "laserjet printer series q3721a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "flex system fabric en4093 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.5"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "safe profile",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.79"
},
{
"model": "junos 13.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "laserjet m5035 multifunction printer q7830a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "jetdirect 640n eio card j8025a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "45.35"
},
{
"model": "junos 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.2"
},
{
"model": "vdi-in-a-box",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.4"
},
{
"model": "itbm standard",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.00"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.2"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"model": "color laserjet cp3525 cc469a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.11"
},
{
"model": "fortivoiceos build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.3165"
},
{
"model": "laserjet enterprise color m551 series cf082a 2302963 436083",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "secure analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.4"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.17"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "laserjet printer series q3722a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.00"
},
{
"model": "junos pulse 5.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.14"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.22"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "enterprise linux eus 5.9.z server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.7.3"
},
{
"model": "laserjet p4515 cb516a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.3"
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datafort management console",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.05"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"model": "f1000e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.113"
},
{
"model": "laserjet enterprise m601 series ce989a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"model": "junos 11.4r6.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.40"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "color laserjet cm4540 mfp cc419a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.3"
},
{
"model": "vsphere replication",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.6"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr93x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"model": "big data extensions",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos space 12.3r1.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"model": "junos 11.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "laserjet m5025 multifunction printer q7840a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "virtuozzo containers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "4.7"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5"
},
{
"model": "junos 12.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise m603 series ce994a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "vsphere support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.37"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "laserjet enterprise m806 cz245a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "color laserjet printer series q7493a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "msr50 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.61"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.41"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 10.0s28",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "color laserjet cp6015 q3931a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "color laserjet enterprise cp4525 cc493a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.4.2"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.40"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.07"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1183.0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "ssl visibility",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.7"
},
{
"model": "fortigate build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.18"
},
{
"model": "junos os 12.3r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cms r17 r3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "horizon workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "websphere datapower b2b appliance xb62",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.10"
},
{
"model": "color laserjet cm6030 multifunction printer ce665a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.79"
},
{
"model": "manageability sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.13"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fortiwifi",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.12"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.16"
},
{
"model": "junos 5.0r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.33"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.9"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.4"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.3"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "vsphere replication",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.02"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.3"
},
{
"model": "uacos c5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise p3015 ce525a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web filter",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.6"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.152"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.10"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"model": "laserjet p2055 printer series ce459a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "color laserjet cm4730 multifunction printer cb483a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.3"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.196.4"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.203"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "dgs-1210-28",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.012"
},
{
"model": "ssl vpn 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.20"
},
{
"model": "laserjet enterprise m601 series ce989a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3.0.13725"
},
{
"model": "infosphere master data management server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.152"
},
{
"model": "color laserjet printer series q7534a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "horizon workspace client for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.51"
},
{
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "netiq access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7893"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "watson explorer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.4"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "netiq access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.2"
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "command view for tape libraries",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet enterprise color mfp m575dn cd645a 2302963 436081",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "junos 12.1x45-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.2"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.4"
},
{
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.0"
},
{
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fortiwifi build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "laserjet enterprise color m855 a2w77a 2302963 436076",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.4"
},
{
"model": "puredata system for hadoop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.01"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloudsystem chargeback",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.3"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.0"
},
{
"model": "aura application server sip core pb3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.3"
},
{
"model": "netiq access gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.2"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "security threat response manager 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "laserjet m3027 multifunction printer cc479a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "color laserjet cp6015 q3932a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0"
},
{
"model": "enterprise linux long life server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.6"
},
{
"model": "laserjet enterprise mfp m525f cf117a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.134.14"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"model": "junos 11.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.2"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.7"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.4"
},
{
"model": "storage management initiative specification providers fo",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "57100"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.15"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.79"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.04"
},
{
"model": "junos 11.4r5.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.74"
},
{
"model": "laserjet enterprise p3015 ce595a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet p4515 cb514a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.03"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "sterling connect:direct",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.070.5"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.1.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.11"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "junos 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.2.4"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.55"
},
{
"model": "officejet enterprise color c2s11a 2302963 436074",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x555"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.9.0.0"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.12"
},
{
"model": "msr30-16 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "imc ead",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "laserjet m5035 multifunction printer q7829a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"model": "mysql",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "laserjet p4015 cb509a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x353071600"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "laserjet m3035 multifunction printer cb414a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.25"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.43"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.13"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "color laserjet cp5525 ce709a 2302963 436070",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "horizon workspace client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "web filter",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.52"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos 11.4r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "laserjet enterprise color mfp m880 a2w75a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "system storage ts3400 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0040"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087520"
},
{
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "scanjet enterprise document capture workstation l2719a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "85000"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7.3"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.5"
},
{
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.015"
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vma san gateway g5.5.1.3",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4.0.14619"
},
{
"model": "one-x mobile lite for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.173"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "system dx360m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "63911.42"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling connect:direct",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.4"
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fortianalyzer",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.45"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "cognos express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"model": "color laserjet cp6015 q3931a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.1"
},
{
"model": "laserjet p3005 printer series q7815a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "datafort fc-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"model": "vcac",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "vcenter site recovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7200"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet printer series q5408a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "aura application server sip core pb25",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.8"
},
{
"model": "junos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "laserjet enterprise m603 series ce995a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.118"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.88"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.3"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.95"
},
{
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "nsx for multi-hypervisor",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0.3"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079140"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.3"
},
{
"model": "utm",
"scope": "ne",
"trust": 0.3,
"vendor": "sophos",
"version": "9.203"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3.1.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "laserjet enterprise mfp m725 cf069a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.10"
},
{
"model": "laserjet printer series q7784a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42408.250.2"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"model": "project metasploit framework",
"scope": "ne",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.3"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.0"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.86"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.12"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.3"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.2"
},
{
"model": "cloudsystem enterprise software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "watson explorer security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "junos r12",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "websphere datapower low latency appliance xm70",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.4"
},
{
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "laserjet enterprise mfp m725 cf068a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.59"
},
{
"model": "laserjet enterprise mfp m725 cf068a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10500"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.3"
},
{
"model": "laserjet enterprise color mfp m575dn cd644a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "junos os 14.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "color laserjet cp3505 printer series cb442a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.2"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.32"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.42"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "laserjet printer series q5400a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.1"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087220"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3"
},
{
"model": "laserjet printer series q7546a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "command view for tape libraries",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.8"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "laserjet printer series q7547a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.01"
},
{
"model": "rox",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "22.6"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "power ps701",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "color laserjet m651 cz256a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.012"
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.8"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.3"
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet enterprise mfp m725 cf066a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "laserjet enterprise mfp m630 series b3g85a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.1"
},
{
"model": "aura messaging sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.3"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "software foundation python",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "3.4"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "laserjet enterprise color m775 series cf304a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.119"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "laserjet printer series q5402a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "msr30-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "vcloud networking and security",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.2"
},
{
"model": "color laserjet printer series q7491a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.5"
},
{
"model": "laserjet m3035 multifunction printer cb414a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "operations automation",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "5.0"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.5"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.9"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.1"
},
{
"model": "one-x mobile lite for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.2"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "laserjet enterprise color mfp m575dn cd644a 2302963 436081",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.0.12875"
},
{
"model": "power system s822",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "network connect 8.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-21"
},
{
"model": "junos pulse for android",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.22"
},
{
"model": "system x3550m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79441.42"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.40"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.2.2"
},
{
"model": "vfabric application director",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.2"
},
{
"model": "color laserjet printer series q5981a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "enterprise virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "junos 11.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.2.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2.6"
},
{
"model": "junos 10.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "proxysg sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.4.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.8"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cz195a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "integrity sd2 cb900s i2 and i4 server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.7.98"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.010"
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.4"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.37"
},
{
"model": "pulse desktop 4.0r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet p4015 cb510a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.8"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4"
},
{
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "ive os 7.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "puredata system for hadoop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.00"
},
{
"model": "utm manager",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.29"
},
{
"model": "laserjet printer series q7699a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.5"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.23"
},
{
"model": "m220 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.03"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.2"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "unified agent",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"model": "jetdirect 695n eio card j8024a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "laserjet printer series q5410a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data recovery",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.9.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.0"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073830"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.21"
},
{
"model": "cms r16",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "color laserjet m651 cz256a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.121"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.1"
},
{
"model": "color laserjet printer series q7494a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"model": "secure analytics 2014.2r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "power ps704 blade",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7891-74x)0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.120"
},
{
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "laserjet enterprise mfp m725 cf067a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "laserjet enterprise p3015 ce525a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "nsx for vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.4"
},
{
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.24"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7101"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.157.3"
},
{
"model": "laserjet cm3530 multifunction printer cc519a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "laserjet enterprise m4555 mfp ce738a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.48"
},
{
"model": "horizon workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "laserjet enterprise p3015 ce527a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "laserjet enterprise p3015 ce526a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "watson explorer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.4"
},
{
"model": "laserjet enterprise mfp m630 series b3g86a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "system storage ts3400 tape library",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "0042"
},
{
"model": "email security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.143"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "laserjet m3035 multifunction printer cb415a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet cm3530 multifunction printer cc520a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "ive os 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.4r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr93x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.47"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.2"
},
{
"model": "color laserjet multifunction printer series q7520a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "airwave",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.7.12"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "9250c digital sender cb472a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.293.1"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"model": "laserjet enterprise color mfp m880 d7p71a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.8"
},
{
"model": "netezza diagnostic tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0"
},
{
"model": "laserjet m4345 multifunction printer cb427a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.21"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.1.68.7"
},
{
"model": "elan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "8.2"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "laserjet enterprise color m855 a2w77a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.81"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2.15"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.2"
},
{
"model": "dgs-1500-28",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "3par service processor sp-4.2.0.ga-29.p003",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s7-1500",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "virtual tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.70"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "cloud service automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.01"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "color laserjet multifunction printer series q7518a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.8"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "laserjet printer series q7544a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "laserjet enterprise m4555 mfp ce502a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos space 13.1p1.14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dgs-1210-20",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.041"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise m603 series ce996a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.9"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "color laserjet cp6015 q3932a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.53"
},
{
"model": "horizon workspace client for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "via for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "2.0.0"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "color laserjet printer series q5983a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "junos 11.4r9-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.23"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.6"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.05"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.19"
},
{
"model": "tivoli storage productivity center fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.14"
},
{
"model": "sterling connect:enterprise for unix ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.3"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7300"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "officejet enterprise color mfp b5l04a 2302963 436066",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x585"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.01"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.5"
},
{
"model": "via for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "2.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.17"
},
{
"model": "pulse desktop 5.0r3.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3.61.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.115"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1.2"
},
{
"model": "junos 5.0r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jetdirect 620n eio card j7934g",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "29.26"
},
{
"model": "junos 10.0s18",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scanjet enterprise document capture workstation l2719a 2302963 436065",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8500"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.33"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.12"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.4"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.45"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.31"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8724"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.78"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "color laserjet flow m680 ca251a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079150"
},
{
"model": "exalogic",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x3-22.0.6.2.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.10"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 10.4r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.15"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "config manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.6"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.3"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.6"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "ssl vpn 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.4"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"model": "cp1543-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "laserjet m9050 multifunction printer cc395a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51.256.1"
},
{
"model": "ive os 7.4r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.41"
},
{
"model": "laserjet enterprise color m551 series cf081a 2302963 436083",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "msr30 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "color laserjet enterprise m750 d3l10a 2302963 436077",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "color laserjet cp3505 printer series cb443a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "laserjet enterprise m601 series ce990a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "proxysg sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.2.15.6"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.54"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087330"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.30"
},
{
"model": "utm",
"scope": "ne",
"trust": 0.3,
"vendor": "sophos",
"version": "9.113"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.9"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "color laserjet printer series q7536a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.2.0"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jsa 2014.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.177"
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.35"
},
{
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.1"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571431.43"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.18"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.1"
},
{
"model": "laserjet enterprise color m775 series cc524a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.23"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.32"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "datafort common criteria fc-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "junos 11.4r7-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.20"
},
{
"model": "pulse desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.38"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "ovf tool",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5.1"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "message networking sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.00"
},
{
"model": "chargeback manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7.3"
},
{
"model": "laserjet enterprise flow m830z mfp cf367a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "officejet enterprise color mfp b5l07a 2302963 436066",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x585"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7500"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet m4345 multifunction printer cb428a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.8"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "fortimail build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.3281"
},
{
"model": "color laserjet enterprise m750 d3l08a 2302963 436077",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf278a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.40"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.78"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.65"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.5"
},
{
"model": "vma",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.31"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.8"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1.6.3"
},
{
"model": "proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5.21"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.39"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.8"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "color laserjet enterprise m750 d3l09a 2302963 436077",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "web security",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.33"
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73781.42"
},
{
"model": "strm/jsa 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.171"
},
{
"model": "vcenter support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "laserjet p4015 cb511a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "msr50-g2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.21"
},
{
"model": "exalogic",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x4-22.0.6.2.0"
},
{
"model": "system x3550m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79461.42"
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.156"
},
{
"model": "laserjet cm3530 multifunction printer cc520a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.58"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0"
},
{
"model": "jetdirect 690n eio card j8007a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "flex system p24l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "ovf tool",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.17"
},
{
"model": "command view server based management",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.3.3"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.2.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.18"
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.30"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7.1"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3.1"
},
{
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "color laserjet cm6030 multifunction printer ce665a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "vma san gateway g5.5.1.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "laserjet enterprise m603 series ce996a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos space 13.3r4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.4.4"
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.1"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571481.43"
},
{
"model": "fortivoiceos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1"
},
{
"model": "imc uam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.86"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.24"
},
{
"model": "system x3650m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79491.42"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.213"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "intelligent management center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "laserjet enterprise m602 series ce993a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.02"
},
{
"model": "vsphere cli",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "junos 10.4r13",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise p3015 ce528a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.54"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "22.5"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x2.0.10"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 13.1r4-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet enterprise m750 d3l08a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42521.42"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "20500"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.112"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.32"
},
{
"model": "ape",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.43"
},
{
"model": "laserjet m4345 multifunction printer cb426a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "aura application server sip core pb26",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.99"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.3"
},
{
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.10"
},
{
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.1"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.0"
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.28"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.178"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5"
},
{
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.2.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.76"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "horizon view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.4.6.1"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.21"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.8.11"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "color laserjet enterprise cp4025 cc490a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.131.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "laserjet printer series q3723a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.06"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "3par service processor sp-4.3.0.ga-17.p000",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "color laserjet cp6015 q3935a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.27"
},
{
"model": "sbr carrier 7.5.0-r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise m603 series ce994a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.19"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.21"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "laserjet enterprise m4555 mfp ce504a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 10.4r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.60"
},
{
"model": "digital sender 9200c q5916a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9.271.3"
},
{
"model": "laserjet m3035 multifunction printer cc477a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "system x3620m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73761.42"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "laserjet p3005 printer series q7812a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "laserjet enterprise color flow mfp m575c cd646a 2302963 436081",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.55"
},
{
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.90"
},
{
"model": "laserjet p4515 cb514a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.16"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.3"
},
{
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "msr4000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78371.42"
},
{
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.21"
},
{
"model": "laserjet p4014 cb506a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "laserjet enterprise mfp m525f cf116a 2302963 436069",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "5.5.4"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "financial services lending and leasing",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "14.1"
},
{
"model": "flex system p24l compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "email security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "eucalyptus",
"scope": "eq",
"trust": 0.3,
"vendor": "eucalyptus",
"version": "3.4.2"
},
{
"model": "3par service processor sp-4.1.0.ga-97.p011",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.25"
},
{
"model": "3par service processor sp-4.1.0.ga-97.p010",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.20"
},
{
"model": "cloudsystem foundation",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.1"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.30"
},
{
"model": "jetdirect 635n eio card j7961g",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.84"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.3"
},
{
"model": "junos 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.36"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "color laserjet multifunction printer series q7517a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system p460",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos pulse for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.01"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.18"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.05"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "laserjet enterprise mfp m630 series b3g86a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.8"
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "color laserjet m651 cz257a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.21"
},
{
"model": "color laserjet cm6040 multifunction printer q3938a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "netiq sslvpn server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.45"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.77"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "color laserjet cp4005 printer series cb503a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "46.230.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.18"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.75"
},
{
"model": "sparc m10-1",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.5"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "laserjet enterprise m603 series ce995a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.44"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "laserjet enterprise mfp m630 series j7x28a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.166"
},
{
"model": "junos 11.4r3.7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.52"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "dgs-1500.20",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "laserjet enterprise m602 series ce992a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "laserjet p2055 printer series ce457a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.5"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "idol image server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.87"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.35"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087520"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.36"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.47"
},
{
"model": "itbm standard",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.1"
},
{
"model": "fortigate",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "color laserjet flow m680 cz250a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.6"
},
{
"model": "host checker",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-20"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.38"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3.1"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.6"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73791.42"
},
{
"model": "laserjet enterprise color m551 series cf083a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.35"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.97"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.34"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.22"
},
{
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.14"
},
{
"model": "laserjet enterprise color mfp m880 d7p71a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "color laserjet cp3525 cc470a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.11"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "laserjet p4014 cb512a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.145"
},
{
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.3.0.1"
},
{
"model": "data ontap storage management initiative specification a",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0"
},
{
"model": "aura application server sip core pb16",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "idp series 5.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.2.1"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "5.5.5"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.1-122.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.5"
},
{
"model": "fortimail build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6170"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.4"
},
{
"model": "junos 10.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30"
},
{
"model": "vfabric web server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3.4"
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.4.1"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "laserjet enterprise m712 series cf238a 2302963 436080",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "unified agent",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.35"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.05"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.7"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.33"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.5"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos space 13.3r1.9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet p4515 cb517a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "9.3-beta1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "software foundation python",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "2.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.98"
},
{
"model": "laserjet enterprise color mfp m880 a2w75a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1"
},
{
"model": "horizon workspace server gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "laserjet enterprise p3015 ce595a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
}
],
"sources": [
{
"db": "BID",
"id": "67899"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0m",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1h",
"versionStartIncluding": "1.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.9.8za",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:filezilla-project:filezilla_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.9.45",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:application_processing_engine_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:application_processing_engine:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:cp1543-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.1.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:cp1543-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:s7-1500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:s7-1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:rox_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.16.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:rox:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.4.2",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.7.8",
"versionStartIncluding": "2.7.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.10.29",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
}
],
"trust": 0.5
},
"cve": "CVE-2014-0224",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0224",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0224",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-080",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0224",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability. OpenSSL is prone to security-bypass vulnerability. \nSuccessfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks. \nVersions prior to OpenSSL 1.0.1 and 1.0.2-beta1 are vulnerable. \n\nHP Connect IT / HP SPM CIT - 9.5x\n Please install: HP Connect IT 9.53.P2\n\nFor Windows\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00070\n\nFor Linux\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00071\n\nFor AIX\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00072\n\nFor HPUX\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00073\n\nFor Solaris\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00074\n\nHP Connect IT / HP SPM CIT - 9.4x\n Please install: HP Connect IT 9.40.P1\n\nFor windows(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00075\n\nFor Linux(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00076\n\nFor AIX(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00077\n\nFor HPUX(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00078\n\nFor Solaris(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00079\n\nHP Connect IT / HP SPM AM 5.2x\n Please install: HP Connect IT 9.41.P1\n\nHISTORY\nVersion:1 (rev.1) - 19 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. ============================================================================\nUbuntu Security Notice USN-2232-3\nJune 23, 2014\n\nopenssl regression\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 13.10\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nUSN-2232-1 introduced a regression in OpenSSL. The upstream fix for\nCVE-2014-0224 caused a regression for certain applications that use\nrenegotiation, such as PostgreSQL. This update fixes the problem. \n\nOriginal advisory details:\n\n J=C3=BCri Aedla discovered that OpenSSL incorrectly handled invalid DTLS\n fragments. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and\n Ubuntu 14.04 LTS. (CVE-2014-0195)\n Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. A\n remote attacker could use this issue to cause OpenSSL to crash, resulting\n in a denial of service. (CVE-2014-0221)\n KIKUCHI Masashi discovered that OpenSSL incorrectly handled certain\n handshakes. \n (CVE-2014-0224)\n Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled\n anonymous ECDH ciphersuites. A remote attacker could use this issue to\n cause OpenSSL to crash, resulting in a denial of service. This issue only\n affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. \n (CVE-2014-3470)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.4\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.6\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.16\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.19\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2232-3\n http://www.ubuntu.com/usn/usn-2232-1\n https://launchpad.net/bugs/1332643\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.4\n https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.6\n https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.16\n https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.19\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201407-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: July 27, 2014\n Bugs: #512506\n ID: 201407-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, possibly allowing\nremote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.1h-r1 *\u003e= 0.9.8z_p5\n *\u003e= 0.9.8z_p4\n *\u003e= 0.9.8z_p1\n *\u003e= 0.9.8z_p3\n *\u003e= 0.9.8z_p2\n *\u003e= 1.0.0m\n \u003e= 1.0.1h-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1h-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-5298\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298\n[ 2 ] CVE-2014-0195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195\n[ 3 ] CVE-2014-0198\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198\n[ 4 ] CVE-2014-0221\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221\n[ 5 ] CVE-2014-0224\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224\n[ 6 ] CVE-2014-3470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470\n[ 7 ] OpenSSL Security Advisory [05 Jun 2014]\n http://www.openssl.org/news/secadv_20140605.txt\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201407-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. The bulletin does not apply to any other 3rd party application\n(e.g. operating system, web server, or application server) that may be\nrequired to be installed by the customer according instructions in the\nproduct install guide. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04347622\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04347622\nVersion: 1\n\nHPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network\nProducts including H3C and 3COM Routers and Switches running OpenSSL, Remote\nDenial of Service (DoS), Code Execution, Unauthorized Access, Modification or\nDisclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-06-20\nLast Updated: 2014-06-20\n\nPotential Security Impact: Remote Denial of Service (DoS), code execution,\nunauthorized access, modification of information, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Intelligent\nManagement Center (iMC), HP Network Products including 3COM and H3C routers\nand switches running OpenSSL. The vulnerabilities could be exploited remotely\nto create a Denial of Service (DoS), execute code, allow unauthorized access,\nmodify or disclose information. \n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service (DoS) or Modification of Information\nCVE-2014-0198 Remote Unauthorized Access (only iMC impacted)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nSSRT101561\nNote: All products listed are impacted by CVE-2014-0224 . iMC is also\nimpacted by CVE-2014-0198 and CVE-2010-5298\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nPlease refer to the RESOLUTION\n section below for a list of impacted products. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nOn June 5th 2014, OpenSSL.org issued an advisory with several CVE\nvulnerabilities. HP Networking is working to release fixes for these\nvulnerabilities that impact the products in the table below. As fixed\nsoftware is made available, this security bulletin will be updated to show\nthe fixed versions. Until the software fixes are available, HP Networking is\nproviding the following information including possible workarounds to\nmitigate the risks of these vulnerabilities. \n\nDescription\n\nThe most serious issue reported is CVE-2014-0224 and it is the one discussed\nhere. To take advantage CVE-2014-0224, an attacker must:\n\nbe in between the OpenSSL client and OpenSSL server. \nbe capable of intercepting and modifying packets between the OpenSSL client\nand OpenSSL server in real time. \n\nWorkarounds\n\nHP Networking equipment is typically deployed inside firewalls and access to\nmanagement interfaces and other protocols is more tightly controlled than in\npublic environments. This deployment and security restrictions help to reduce\nthe possibility of an attacker being able to intercept both OpenSSL client\nand OpenSSL server traffic. \n\nFollowing the guidelines in the Hardening Comware-based devices can help to\nfurther reduce man-in-the-middle opportunities:\n\nhttp://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=c03536\n920\n\nFor an HP Networking device acting as an OpenSSL Server, using a patched\nOpenSSL client or non-OpenSSL client eliminates the risk. As an example, most\nmodern web browsers do not use the OpenSSL client and the sessions between\nthe HP Networking OpenSSL server and the non-OpenSSL client are not at risk\nfor this attack. For HP Networking Equipment that is using an OpenSSL client,\npatching the OpenSSL server will eliminate the risk of this attack. \n\nProtocol Notes\n\nThe following details the protocols that use OpenSSL in Comware v5 and\nComware v7:\n\nComware V7:\n\nServer:\n\nFIPS/HTTPS/Load Balancing/Session Initiation Protocol\n\nClient:\n\nLoad Balancing/OpenFlow/Session Initiation Protocol/State Machine Based\nAnti-Spoofing/Dynamic DNS\n\nComware V5:\n\nServer:\n\nCAPWAP/EAP/SSLVPN\n\nClient:\n\nDynamic DNS\n\nFamily\n Fixed Version\n HP Branded Products Impacted\n H3C Branded Products Impacted\n 3Com Branded Products Impacted\n\n12900 Switch Series\n Fix in progress\nuse mitigations\n JG619A HP FF 12910 Switch AC Chassis\nJG621A HP FF 12910 Main Processing Unit\nJG632A HP FF 12916 Switch AC Chassis\nJG634A HP FF 12916 Main Processing Unit\n\n12500\n Fix in progress\nuse mitigations\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJC808A HP 12500 TAA Main Processing Unit\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n12500 (Comware v7)\n Fix in progress\nuse mitigations\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJG497A HP 12500 MPU w/Comware V7 OS\nJG782A HP FF 12508E AC Switch Chassis\nJG783A HP FF 12508E DC Switch Chassis\nJG784A HP FF 12518E AC Switch Chassis\nJG785A HP FF 12518E DC Switch Chassis\nJG802A HP FF 12500E MPU\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n11900 Switch Series\n Fix in progress\nuse mitigations\n JG608A HP FF 11908-V Switch Chassis\nJG609A HP FF 11900 Main Processing Unit\n\n10500 Switch Series (Comware v5)\n Fix in progress\nuse mitigations\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC614A HP 10500 Main Processing Unit\nJC748A HP 10512 Switch Chassis\nJG375A HP 10500 TAA Main Processing Unit\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\n\n10500 Switch Series (Comware v7)\n Fix in progress\nuse mitigations\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC748A HP 10512 Switch Chassis\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\nJG496A HP 10500 Type A MPU w/Comware v7 OS\n\n9500E\n Fix in progress\nuse mitigations\n JC124A HP A9508 Switch Chassis\nJC124B HP 9505 Switch Chassis\nJC125A HP A9512 Switch Chassis\nJC125B HP 9512 Switch Chassis\nJC474A HP A9508-V Switch Chassis\nJC474B HP 9508-V Switch Chassis\n H3C S9505E Routing-Switch Chassis (0235A0G6)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9512E Routing-Switch Chassis (0235A0G7)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9505E Chassis w/ Fans (0235A38P)\nH3C S9512E Chassis w/ Fans (0235A38R)\n\nRouter 8800\n Fix in progress\nuse mitigations\n JC147A HP A8802 Router Chassis\nJC147B HP 8802 Router Chassis\nJC148A HP A8805 Router Chassis\nJC148B HP 8805 Router Chassis\nJC149A HP A8808 Router Chassis\nJC149B HP 8808 Router Chassis\nJC150A HP A8812 Router Chassis\nJC150B HP 8812 Router Chassis\nJC141A HP 8802 Main Control Unit Module\nJC138A HP 8805/08/12 (1E) Main Cntrl Unit Mod\nJC137A HP 8805/08/12 (2E) Main Cntrl Unit Mod\n H3C SR8805 10G Core Router Chassis (0235A0G8)\nH3C SR8808 10G Core Router Chassis (0235A0G9)\nH3C SR8812 10G Core Router Chassis (0235A0GA)\nH3C SR8802 10G Core Router Chassis (0235A0GC)\nH3C SR8802 10G Core Router Chassis (0235A31B)\nH3C SR8805 10G Core Router Chassis (0235A31C)\nH3C SR8808 10G Core Router Chassis (0235A31D)\nH3C SR8812 10G Core Router Chassis (0235A31E)\n\n7500 Switch Series\n Fix in progress\nuse mitigations\n JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T\nJC697A HP A7502 TAA Main Processing Unit\nJC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE\nJC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE\nJC700A HP A7500 384 Gbps TAA Fabric / MPU\nJC701A HP A7510 768 Gbps TAA Fabric / MPU\nJD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports\nJD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports\nJD194A HP 384 Gbps Fabric A7500 Module\nJD194B HP 7500 384Gbps Fabric Module\nJD195A HP 7500 384Gbps Advanced Fabric Module\nJD196A HP 7502 Fabric Module\nJD220A HP 7500 768Gbps Fabric Module\nJD238A HP A7510 Switch Chassis\nJD238B HP 7510 Switch Chassis\nJD239A HP A7506 Switch Chassis\nJD239B HP 7506 Switch Chassis\nJD240A HP A7503 Switch Chassis\nJD240B HP 7503 Switch Chassis\nJD241A HP A7506 Vertical Switch Chassis\nJD241B HP 7506-V Switch Chassis\nJD242A HP A7502 Switch Chassis\nJD242B HP 7502 Switch Chassis\nJD243A HP A7503 Switch Chassis w/1 Fabric Slot\nJD243B HP 7503-S Switch Chassis w/1 Fabric Slot\n H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4)\nH3C S7503E Ethernet Switch Chassis with Fan (0235A0G2)\nH3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5)\nH3C S7506E Ethernet Switch Chassis with Fan (0235A0G1)\nH3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3)\nH3C S7510E Ethernet Switch Chassis with Fan (0235A0G0)\nH3C S7502E Chassis w/ fans (0235A29A)\nH3C S7503E Chassis w/ fans (0235A27R)\nH3C S7503E-S Chassis w/ fans (0235A33R)\nH3C S7506E Chassis w/ fans (0235A27Q)\nH3C S7506E-V Chassis w/ fans (0235A27S)\n\nHSR6800\n Fix in progress\nuse mitigations\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6800 Russian Version\n Fix in progress\nuse mitigations\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6602\n Fix in progress\nuse mitigations\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\nHSR6602 Russian Version\n Fix in progress\nuse mitigations\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\nA6600\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\nA6600 Russian Version\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP Russian Version\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU\nJG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n5920 Switch Series\n Fix in progress\nuse mitigations\n JG296A HP 5920AF-24XG Switch\nJG555A HP 5920AF-24XG TAA Switch\n\n5900 Switch Series\n Fix in progress\nuse mitigations\n JC772A HP 5900AF-48XG-4QSFP+ Switch\nJG336A HP 5900AF-48XGT-4QSFP+ Switch\nJG510A HP 5900AF-48G-4XG-2QSFP+ Switch\nJG554A HP 5900AF-48XG-4QSFP+ TAA Switch\nJG838A HP FF 5900CP-48XG-4QSFP+ Switch\n\n5900 Virtual Switch\n Fix in progress\nuse mitigations\n JG814AAE HP Virtual Switch 5900v VMware E-LTU\nJG815AAE HP VSO SW for 5900v VMware E-LTU\n\n5830 Switch Series\n Fix in progress\nuse mitigations\n JC691A HP A5830AF-48G Switch w/1 Interface Slot\nJC694A HP A5830AF-96G Switch\nJG316A HP 5830AF-48G TAA Switch w/1 Intf Slot\nJG374A HP 5830AF-96G TAA Switch\n\n5820 Switch Series\n Fix in progress\nuse mitigations\n JC102A HP 5820-24XG-SFP+ Switch\nJC106A HP 5820-14XG-SFP+ Switch with 2 Slots\nJG219A HP 5820AF-24XG Switch\nJG243A HP 5820-24XG-SFP+ TAA-compliant Switch\nJG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots\n H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media\nmodules Plus OSM (0235A37L)\nH3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T\n(RJ45) (0235A370)\n\n5800 Switch Series\n Fix in progress\nuse mitigations\n JC099A HP 5800-24G-PoE Switch\nJC100A HP 5800-24G Switch\nJC101A HP 5800-48G Switch with 2 Slots\nJC103A HP 5800-24G-SFP Switch\nJC104A HP 5800-48G-PoE Switch\nJC105A HP 5800-48G Switch\nJG225A HP 5800AF-48G Switch\nJG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots\nJG254A HP 5800-24G-PoE+ TAA-compliant Switch\nJG255A HP 5800-24G TAA-compliant Switch\nJG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt\nJG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot\nJG258A HP 5800-48G TAA Switch w 1 Intf Slot\n H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot\n(0235A36U)\nH3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X\n(SFP Plus ) Plus 1 media module PoE (0235A36S)\nH3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus\nmedia module (no power) (0235A374)\nH3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus\n) Plus media module (0235A379)\nH3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module\n(0235A378)\nH3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM\n(0235A36W)\n\n5500 HI Switch Series\n Fix in progress\nuse mitigations\n JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch\nJG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch\nJG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt\nJG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt\nJG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt\nJG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt\nJG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt\nJG681A HP 5500-24G-SFP HI TAA Swch w/2Slt\n\n5500 EI Switch Series\n Fix in progress\nuse mitigations\n JD373A HP 5500-24G DC EI Switch\nJD374A HP 5500-24G-SFP EI Switch\nJD375A HP 5500-48G EI Switch\nJD376A HP 5500-48G-PoE EI Switch\nJD377A HP 5500-24G EI Switch\nJD378A HP 5500-24G-PoE EI Switch\nJD379A HP 5500-24G-SFP DC EI Switch\nJG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts\nJG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts\nJG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts\nJG250A HP 5500-24G EI TAA Switch w 2 Intf Slts\nJG251A HP 5500-48G EI TAA Switch w 2 Intf Slts\nJG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts\nJG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts\n H3C S5500-28C-EI Ethernet Switch (0235A253)\nH3C S5500-28F-EI Eth Switch AC Single (0235A24U)\nH3C S5500-52C-EI Ethernet Switch (0235A24X)\nH3C S5500-28C-EI-DC Ethernet Switch (0235A24S)\nH3C S5500-28C-PWR-EI Ethernet Switch (0235A255)\nH3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259)\nH3C S5500-52C-PWR-EI Ethernet Switch (0235A251)\n\n5500 SI Switch Series\n Fix in progress\nuse mitigations\n JD369A HP 5500-24G SI Switch\nJD370A HP 5500-48G SI Switch\nJD371A HP 5500-24G-PoE SI Switch\nJD372A HP 5500-48G-PoE SI Switch\nJG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts\nJG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts\n H3C S5500-28C-SI Ethernet Switch (0235A04U)\nH3C S5500-52C-SI Ethernet Switch (0235A04V)\nH3C S5500-28C-PWR-SI Ethernet Switch (0235A05H)\nH3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)\n\n5120 EI Switch Series\n Fix in progress\nuse mitigations\n JE066A HP 5120-24G EI Switch\nJE067A HP 5120-48G EI Switch\nJE068A HP 5120-24G EI Switch with 2 Slots\nJE069A HP 5120-48G EI Switch with 2 Slots\nJE070A HP 5120-24G-PoE EI Switch with 2 Slots\nJE071A HP 5120-48G-PoE EI Switch with 2 Slots\nJG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts\nJG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts\nJG245A HP 5120-24G EI TAA Switch w 2 Intf Slts\nJG246A HP 5120-48G EI TAA Switch w 2 Intf Slts\nJG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts\nJG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts\n H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ)\nH3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS)\nH3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR)\nH3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT)\nH3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU)\nH3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)\n\n5120 SI switch Series\n Fix in progress\nuse mitigations\n JE072A HP 5120-48G SI Switch\nJE073A HP 5120-16G SI Switch\nJE074A HP 5120-24G SI Switch\nJG091A HP 5120-24G-PoE+ (370W) SI Switch\nJG092A HP 5120-24G-PoE+ (170W) SI Switch\n H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W)\nH3C S5120-20P-SI L2\n16GE Plus 4SFP (0235A42B)\nH3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D)\nH3C S5120-28P-HPWR-SI (0235A0E5)\nH3C S5120-28P-PWR-SI (0235A0E3)\n\n4800 G Switch Series\n Fix in progress\nuse mitigations\n JD007A HP 4800-24G Switch\nJD008A HP 4800-24G-PoE Switch\nJD009A HP 4800-24G-SFP Switch\nJD010A HP 4800-48G Switch\nJD011A HP 4800-48G-PoE Switch\n\n 3Com Switch 4800G 24-Port (3CRS48G-24-91)\n3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91)\n3Com Switch 4800G 48-Port (3CRS48G-48-91)\n3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91)\n3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)\n\n4510G Switch Series\n Fix in progress\nuse mitigations\n JF428A HP 4510-48G Switch\nJF847A HP 4510-24G Switch\n\n 3Com Switch 4510G 48 Port (3CRS45G-48-91)\n3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91)\n3Com Switch E4510-24G (3CRS45G-24-91)\n\n4210G Switch Series\n Fix in progress\nuse mitigations\n JF844A HP 4210-24G Switch\nJF845A HP 4210-48G Switch\nJF846A HP 4210-24G-PoE Switch\n\n 3Com Switch 4210-24G (3CRS42G-24-91)\n3Com Switch 4210-48G (3CRS42G-48-91)\n3Com Switch E4210-24G-PoE (3CRS42G-24P-91)\n\n3610 Switch Series\n Fix in progress\nuse mitigations\n JD335A HP 3610-48 Switch\nJD336A HP 3610-24-4G-SFP Switch\nJD337A HP 3610-24-2G-2G-SFP Switch\nJD338A HP 3610-24-SFP Switch\n H3C S3610-52P - model LS-3610-52P-OVS (0235A22C)\nH3C S3610-28P - model LS-3610-28P-OVS (0235A22D)\nH3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E)\nH3C S3610-28F - model LS-3610-28F-OVS (0235A22F)\n\n3600 V2 Switch Series\n Fix in progress\nuse mitigations\n JG299A HP 3600-24 v2 EI Switch\nJG300A HP 3600-48 v2 EI Switch\nJG301A HP 3600-24-PoE+ v2 EI Switch\nJG301B HP 3600-24-PoE+ v2 EI Switch\nJG302A HP 3600-48-PoE+ v2 EI Switch\nJG302B HP 3600-48-PoE+ v2 EI Switch\nJG303A HP 3600-24-SFP v2 EI Switch\nJG304A HP 3600-24 v2 SI Switch\nJG305A HP 3600-48 v2 SI Switch\nJG306A HP 3600-24-PoE+ v2 SI Switch\nJG306B HP 3600-24-PoE+ v2 SI Switch\nJG307A HP 3600-48-PoE+ v2 SI Switch\nJG307B HP 3600-48-PoE+ v2 SI Switch\n\n3100V2\n Fix in progress\nuse mitigations\n JD313B HP 3100-24-PoE v2 EI Switch\nJD318B HP 3100-8 v2 EI Switch\nJD319B HP 3100-16 v2 EI Switch\nJD320B HP 3100-24 v2 EI Switch\nJG221A HP 3100-8 v2 SI Switch\nJG222A HP 3100-16 v2 SI Switch\nJG223A HP 3100-24 v2 SI Switch\n\n3100V2-48\n Fix in progress\nuse mitigations\n JG315A HP 3100-48 v2 Switch\n\n1910\n Fix in progress\nuse mitigations\n JE005A HP 1910-16G Switch\nJE006A HP 1910-24G Switch\nJE007A HP 1910-24G-PoE (365W) Switch\nJE008A HP 1910-24G-PoE(170W) Switch\nJE009A HP 1910-48G Switch\nJG348A HP 1910-8G Switch\nJG349A HP 1910-8G-PoE+ (65W) Switch\nJG350A HP 1910-8G-PoE+ (180W) Switch\n 3Com Baseline Plus Switch 2900 Gigabit Family - 52 port (3CRBSG5293)\n3Com Baseline Plus Switch 2900G - 20 port (3CRBSG2093)\n3Com Baseline Plus Switch 2900G - 28 port (3CRBSG2893)\n3Com Baseline Plus Switch 2900G - 28HPWR (3CRBSG28HPWR93)\n3Com Baseline Plus Switch 2900G - 28PWR (3CRBSG28PWR93)\n\n1810v1 P2\n Fix in progress\nuse mitigations\n J9449A HP 1810-8G Switch\nJ9450A HP 1810-24G Switch\n\n1810v1 PK\n Fix in progress\nuse mitigations\n J9660A HP 1810-48G Switch\n\nMSR20\n Fix in progress\nuse mitigations\n JD432A HP A-MSR20-21 Multi-Service Router\nJD662A HP MSR20-20 Multi-Service Router\nJD663A HP MSR20-21 Multi-Service Router\nJD663B HP MSR20-21 Router\nJD664A HP MSR20-40 Multi-Service Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\nH3C MSR 20-20 (0235A19H)\nH3C MSR 20-21 (0235A325)\nH3C MSR 20-40 (0235A19K)\nH3C MSR-20-21 Router (0235A19J)\n\nMSR20-1X\n Fix in progress\nuse mitigations\n JD431A HP MSR20-10 Router\nJD667A HP MSR20-15 IW Multi-Service Router\nJD668A HP MSR20-13 Multi-Service Router\nJD669A HP MSR20-13 W Multi-Service Router\nJD670A HP MSR20-15 A Multi-Service Router\nJD671A HP MSR20-15 AW Multi-Service Router\nJD672A HP MSR20-15 I Multi-Service Router\nJD673A HP MSR20-11 Multi-Service Router\nJD674A HP MSR20-12 Multi-Service Router\nJD675A HP MSR20-12 W Multi-Service Router\nJD676A HP MSR20-12 T1 Multi-Service Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\nJG209A HP MSR20-12-T-W Router (NA)\nJG210A HP MSR20-13-W Router (NA)\n H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\nH3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-11 (0235A31V)\nH3C MSR 20-12 (0235A32E)\nH3C MSR 20-12 T1 (0235A32B)\nH3C MSR 20-13 (0235A31W)\nH3C MSR 20-13 W (0235A31X)\nH3C MSR 20-15 A (0235A31Q)\nH3C MSR 20-15 A W (0235A31R)\nH3C MSR 20-15 I (0235A31N)\nH3C MSR 20-15 IW (0235A31P)\nH3C MSR20-12 W (0235A32G)\n\nMSR30\n Fix in progress\nuse mitigations\n JD654A HP MSR30-60 POE Multi-Service Router\nJD657A HP MSR30-40 Multi-Service Router\nJD658A HP MSR30-60 Multi-Service Router\nJD660A HP MSR30-20 POE Multi-Service Router\nJD661A HP MSR30-40 POE Multi-Service Router\nJD666A HP MSR30-20 Multi-Service Router\nJF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF232A HP RT-MSR3040-AC-OVS-AS-H3\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S)\nH3C MSR 30-20 (0235A19L)\nH3C MSR 30-20 POE (0235A239)\nH3C MSR 30-40 (0235A20J)\nH3C MSR 30-40 POE (0235A25R)\nH3C MSR 30-60 (0235A20K)\nH3C MSR 30-60 POE (0235A25S)\nH3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)\n\nMSR30-16\n Fix in progress\nuse mitigations\n JD659A HP MSR30-16 POE Multi-Service Router\nJD665A HP MSR30-16 Multi-Service Router\nJF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\nH3C MSR 30-16 (0235A237)\nH3C MSR 30-16 POE (0235A238)\n\nMSR30-1X\n Fix in progress\nuse mitigations\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\nH3C RT-MSR3011-AC-OVS-H3 (0235A29L)\n\nMSR50\n Fix in progress\nuse mitigations\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\n\nMSR50-G2\n Fix in progress\nuse mitigations\n JD429A HP MSR50 G2 Processor Module\nJD429B HP MSR50 G2 Processor Module\n H3C H3C MSR 50 Processor Module-G2 (0231A84Q)\nH3C MSR 50 High Performance Main Processing Unit 3GE (Combo)\n256F/1GD(0231A0KL)\n\nMSR20 Russian version\n Fix in progress\nuse mitigations\n JD663B HP MSR20-21 Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\n\nMSR20-1X Russian version\n Fix in progress\nuse mitigations\n JD431A HP MSR20-10 Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\n H3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\n\nMSR30 Russian version\n Fix in progress\nuse mitigations\n JF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\n\nMSR30-1X Russian version\n Fix in progress\nuse mitigations\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C RT-MSR3011-AC-OVS-H3 (0235A29L)\nH3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\n\nMSR30-16 Russian version\n Fix in progress\nuse mitigations\n JF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\n\nMSR50 Russian version\n Fix in progress\nuse mitigations\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR 50 Processor Module (0231A791)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\n\nMSR50 G2 Russian version\n Fix in progress\nuse mitigations\n JD429B HP MSR50 G2 Processor Module\n H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD\n(0231A0KL)\n\nMSR9XX\n Fix in progress\nuse mitigations\n JF812A HP MSR900 Router\nJF813A HP MSR920 Router\nJF814A HP MSR900-W Router\nJF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr\nJG207A HP MSR900-W Router (NA)\nJG208A HP MSR920-W Router (NA)\n H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b\n(0235A0C2)\nH3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX)\nH3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)\nH3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)\n\nMSR9XX Russian version\n Fix in progress\nuse mitigations\n JF812A HP MSR900 Router\nJF813A HP MSR920 Router\nJF814A HP MSR900-W Router\nJF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr\n H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX)\nH3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)\nH3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2)\nH3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)\n\nMSR93X\n Fix in progress\nuse mitigations\n JG511A HP MSR930 Router\nJG512A HP MSR930 Wireless Router\nJG513A HP MSR930 3G Router\nJG514A HP MSR931 Router\nJG515A HP MSR931 3G Router\nJG516A HP MSR933 Router\nJG517A HP MSR933 3G Router\nJG518A HP MSR935 Router\nJG519A HP MSR935 Wireless Router\nJG520A HP MSR935 3G Router\nJG531A HP MSR931 Dual 3G Router\nJG596A HP MSR930 4G LTE/3G CDMA Router\nJG597A HP MSR936 Wireless Router\nJG665A HP MSR930 4G LTE/3G WCDMA Global Router\nJG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n\nMSR93X Russian version\n Fix in progress\nuse mitigations\n JG511A HP MSR930 Router\nJG512A HP MSR930 Wireless Router\nJG513A HP MSR930 3G Router\nJG514A HP MSR931 Router\nJG515A HP MSR931 3G Router\nJG516A HP MSR933 Router\nJG517A HP MSR933 3G Router\nJG518A HP MSR935 Router\nJG519A HP MSR935 Wireless Router\nJG520A HP MSR935 3G Router\nJG531A HP MSR931 Dual 3G Router\nJG596A HP MSR930 4G LTE/3G CDMA Router\nJG597A HP MSR936 Wireless Router\nJG665A HP MSR930 4G LTE/3G WCDMA Global Router\nJG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n\nMSR1000\n Fix in progress\nuse mitigations\n JG732A HP MSR1003-8 AC Router\n\nMSR2000\n Fix in progress\nuse mitigations\n JG411A HP MSR2003 AC Router\n\nMSR3000\n Fix in progress\nuse mitigations\n JG404A HP MSR3064 Router\nJG405A HP MSR3044 Router\nJG406A HP MSR3024 AC Router\nJG409A HP MSR3012 AC Router\nJG861A HP MSR3024 TAA-compliant AC Router\n\nMSR4000\n Fix in progress\nuse mitigations\n JG402A HP MSR4080 Router Chassis\nJG403A HP MSR4060 Router Chassis\nJG412A HP MSR4000 MPU-100 Main Processing Unit\n\nF5000\n Fix in progress\nuse mitigations\n JG216A HP F5000 Firewall Standalone Chassis\nJD259A HP A5000-A5 VPN Firewall Chassis\n H3C SecPath F5000-A5 Host System (0150A0AG)\n\nU200S and CS\n Fix in progress\nuse mitigations\n JD268A HP 200-CS UTM Appliance\nJD273A HP U200-S UTM Appliance\n H3C SecPath U200-S (0235A36N)\n\nU200A and M\n Fix in progress\nuse mitigations\n JD274A HP 200-M UTM Appliance\nJD275A HP U200-A UTM Appliance\n H3C SecPath U200-A (0235A36Q)\n\nF1000A and S\n Fix in progress\nuse mitigations\n JD270A HP S1000-S VPN Firewall Appliance\nJD271A HP S1000-A VPN Firewall Appliance\nJG213A HP F1000-S-EI VPN Firewall Appliance\nJG214A HP F1000-A-EI VPN Firewall Appliance\n\nSecBlade FW\n Fix in progress\nuse mitigations\n JC635A HP 12500 VPN Firewall Module\nJD245A HP 9500 VPN Firewall Module\nJD249A HP 10500/7500 Advanced VPN Firewall Mod\nJD250A HP 6600 Firewall Processing Rtr Module\nJD251A HP 8800 Firewall Processing Module\nJD255A HP 5820 VPN Firewall Module\n H3C S9500E SecBlade VPN Firewall Module (0231A0AV)\nH3C S7500E SecBlade VPN Firewall Module (0231A832)\nH3C SR66 Gigabit Firewall Module (0231A88A)\nH3C SR88 Firewall Processing Module (0231A88L)\nH3C S5820 SecBlade VPN Firewall Module (0231A94J)\n\nF1000E\n Fix in progress\nuse mitigations\n JD272A HP S1000-E VPN Firewall Appliance\n\nVSR1000\n Fix in progress\nuse mitigations\n JG810AAE HP VSR1001 Virtual Services Router\nJG811AAE HP VSR1001 Virtual Services Router\nJG812AAE HP VSR1004 Virtual Services Router\nJG813AAE HP VSR1008 Virtual Services Router\n\nWX5002/5004\n Fix in progress\nuse mitigations\n JD441A HP 5800 ACM for 64-256 APs\nJD447B HP WX5002 Access Controller\nJD448A HP A-WX5004 Access Controller\nJD448B HP WX5004 Access Controller\nJD469A HP A-WX5004 (3Com) Access Controller\nJG261A HP 5800 Access Controller OAA TAA Mod\n\nHP 850/870\n Fix in progress\nuse mitigations\n JG723A HP 870 Unified Wired-WLAN Appliance\nJG725A HP 870 Unifd Wrd-WLAN TAA Applnc\n\nHP 830\n Fix in progress\nuse mitigations\n JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch\nJG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch\nJG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch\nJG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch\n\nHP 6000\n Fix in progress\nuse mitigations\n JG639A HP 10500/7500 20G Unified Wired-WLAN Mod\nJG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod\n\nM220\n Fix in progress\nuse mitigations\n J9798A HP M220 802.11n AM Access Point\nJ9799A HP M220 802.11n WW Access Point\n\nNGFW\n Fix in progress\nuse mitigations\n JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic\nJC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic\nJC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic\nJC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic\nJC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic\n\niMC UAM 7.0\n Fix in progress\nuse mitigations\n JD144A HP IMC UAM S/W Module w/200-User License\nJF388A HP IMC UAM S/W Module w/200-user License\nJD435A HP IMC EAD Client Software\nJF388AAE HP IMC UAM S/W Module w/200-user E-LTU\nJG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU\n\niMC EAD 7.0\n Fix in progress\nuse mitigations\n JF391AAE HP IMC EAD S/W Module w/200-user E-LTU\nJG754AAE HP IMC EAD SW Module w/ 50-user E-LTU\nJD147A HP IMC Endpoint Admission Defense Software Module with 200-user\nLicense\nJF391A HP IMC EAD S/W Module w/200-user License\n\niMC PLAT 7.0\n Fix in progress\nuse mitigations\n JF377AAE HP IMC Standard Edition Software Platform with 100-node E-LTU\nJG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU\nJG747AAE HP IMC Standard Software Platform with 50-node E-LTU\nJG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU\nJD125A HP IMC Standard Edition Software Platform with 100-node License\nJD815A HP IMC Standard Edition Software Platform with 100-node License\nJD816A HP A-IMC Standard Edition Software DVD Media\nJF377A HP IMC Standard Edition Software Platform with 100-node License\nJF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU\nJF289AAE HP Enterprise Management System to Intelligent Management Center\nUpgrade E-LTU\nTJ635AAE HP IMC for ANM 50 node pack SW E-LTU (On HP Softwares CPL\nnot HPNs)\nJF378AAE HP IMC Enterprise Edition Software Platform with 200-Node E-LTU\nJG748AAE HP IMC Enterprise Software Platform with 50-node E-LTU\nJD126A HP A-IMC Enterprise Software Platform with 200-node License\nJD808A HP A-IMC Enterprise Software Platform with 200-node License\nJD814A HP A-IMC Enterprise Edition Software DVD Media\nJF378A HP IMC Enterprise Edition Software Platform with 200-node License\nJG546AAE HP IMC Basic SW Platform w/50-node E-LTU\nJG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\nJG550AAE HP PMM to IMC Bsc WLM Upgr w/150 AP E-LTU\nJG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU\nJG659AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU\nJG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU\nJG660AAE HP IMC Smart Connect w / WLAN Manager Virtual Appliance Edition\nE-LTU\nJG767AAE HP IMC Smart Connect with Wireless Service Manager Virtual Appliance\nSoftware E-LTU\n\nHISTORY\nVersion:1 (rev.1) - 20 June 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlOkrM4ACgkQ4B86/C0qfVn7/QCeK5T1H9dXfVQgIKSr5USqLmvq\nCtMAnjujH7e5aXfIOvxyyuB0FcSwIWCM\n=CEL7\n-----END PGP SIGNATURE-----\n. \nOpenSSL is a 3rd party product that is embedded with some HP printer\nproducts. This bulletin notifies HP Printer customers about impacted\nproducts. To obtain the updated firmware, go to www.hp.com and follow\nthese steps:\n\nSelect \"Drivers \u0026 Software\". \nEnter the appropriate product name listed in the table below into the search\nfield. \nClick on \"Search\". \nClick on the appropriate product. \nUnder \"Select operating system\" click on \"Cross operating system (BIOS,\nFirmware, Diagnostics, etc.)\"\nNote: If the \"Cross operating system ...\" link is not present, select\napplicable Windows operating system from the list. \nSelect the appropriate firmware update under \"Firmware\". \n\nFirmware Updates Table\n\nProduct Name\n Model Number\n Firmware Revision\n\nHP Color LaserJet CM4540 MFP\n CC419A, CC420A, CC421A\n v 2302963_436067 (or higher)\n\nHP Color LaserJet CP5525\n CE707A,CE708A,CE709A\n v 2302963_436070 (or higher)\n\nHP Color LaserJet Enterprise M750\n D3L08A, D3L09A, D3L10A\n v 2302963_436077 (or higher)\n\nHP Color LaserJet M651\n CZ255A, CZ256A, CZ257A, CZ258A\n v 2302963_436073 (or higher)\n\nHP Color LaserJet M680\n CZ248A, CZ249A\n v 2302963_436072 (or higher)\n\nHP Color LaserJet Flow M680\n CZ250A, CA251A\n v 2302963_436072 (or higher)\n\nHP LaserJet Enterprise 500 color MFP M575dn\n CD644A, CD645A\n v 2302963_436081 (or higher)\n\nHP LaserJet Enterprise 500 MFP M525f\n CF116A, CF117A\n v 2302963_436069 (or higher)\n\nHP LaserJet Enterprise 600 M601 Series\n CE989A, CE990A\n v 2302963_436082 (or higher)\n\nHP LaserJet Enterprise 600 M602 Series\n CE991A, CE992A, CE993A\n v 2302963_436082 (or higher)\n\nHP LaserJet Enterprise 600 M603 Series\n CE994A, CE995A, CE996A\n v 2302963_436082 (or higher)\n\nHP LaserJet Enterprise MFP M630 series\n B3G84A, B3G85A, B3G86A, J7X28A\n v 2303714_233000041 (or higher)\n\nHP LaserJet Enterprise 700 color M775 series\n CC522A, CC523A, CC524A, CF304A\n v 2302963_436079 (or higher)\n\nHP LaserJet Enterprise 700 M712 series\n CF235A, CF236A, CF238A\n v 2302963_436080 (or higher)\n\nHP LaserJet Enterprise 800 color M855\n A2W77A, A2W78A, A2W79A\n v 2302963_436076 (or higher)\n\nHP LaserJet Enterprise 800 color MFP M880\n A2W76A, A2W75A, D7P70A, D7P71A\n v 2302963_436068 (or higher)\n\nHP LaserJet Enterprise Color 500 M551 Series\n CF081A,CF082A,CF083A\n v 2302963_436083 (or higher)\n\nHP LaserJet Enterprise color flow MFP M575c\n CD646A\n v 2302963_436081 (or higher)\n\nHP LaserJet Enterprise flow M830z MFP\n CF367A\n v 2302963_436071 (or higher)\n\nHP LaserJet Enterprise flow MFP M525c\n CF118A\n v 2302963_436069 (or higher)\n\nHP LaserJet Enterprise M4555 MFP\n CE502A,CE503A, CE504A, CE738A\n v 2302963_436064 (or higher)\n\nHP LaserJet Enterprise M806\n CZ244A, CZ245A\n v 2302963_436075 (or higher)\n\nHP LaserJet Enterprise MFP M725\n CF066A, CF067A, CF068A, CF069A\n v 2302963_436078 (or higher)\n\nHP Scanjet Enterprise 8500 Document Capture Workstation\n L2717A, L2719A\n v 2302963_436065 (or higher)\n\nOfficeJet Enterprise Color MFP X585\n B5L04A, B5L05A,B5L07A\n v 2302963_436066 (or higher)\n\nOfficeJet Enterprise Color X555\n C2S11A, C2S12A\n v 2302963_436074 (or higher)\n\nHP Color LaserJet CP3525\n CC468A, CC469A, CC470A, CC471A\n v 06.183.1 (or higher)\n\nHP LaserJet M4345 Multifunction Printer\n CB425A, CB426A, CB427A, CB428A\n v 48.306.1 (or higher)\n\nHP LaserJet M5025 Multifunction Printer\n Q7840A\n v 48.306.1 (or higher)\n\nHP Color LaserJet CM6040 Multifunction Printer\n Q3938A, Q3939A\n v 52.256.1 (or higher)\n\nHP Color LaserJet Enterprise CP4525\n CC493A, CC494A, CC495A\n v 07.164.1 (or higher)\n\nHP Color LaserJet Enterprise CP4025\n CC489A, CC490A\n v 07.164.1 (or higher)\n\nHP LaserJet M5035 Multifunction Printer\n Q7829A, Q7830A, Q7831A\n v 48.306.1 (or higher)\n\nHP LaserJet M9050 Multifunction Printer\n CC395A\n v 51.256.1 (or higher)\n\nHP LaserJet M9040 Multifunction Printer\n CC394A\n v 51.256.1 (or higher)\n\nHP Color LaserJet CM4730 Multifunction Printer\n CB480A, CB481A, CB482A, CB483A\n v 50.286.1 (or higher)\n\nHP LaserJet M3035 Multifunction Printer\n CB414A, CB415A, CC476A, CC477A\n v 48.306.1 (or higher)\n\nHP 9250c Digital Sender\n CB472A\n v 48.293.1 (or higher)\n\nHP LaserJet Enterprise P3015\n CE525A,CE526A,CE527A,CE528A,CE595A\n v 07.186.1 (or higher)\n\nHP LaserJet M3027 Multifunction Printer\n CB416A, CC479A\n v 48.306.1 (or higher)\n\nHP LaserJet CM3530 Multifunction Printer\n CC519A, CC520A\n v 53.236.1 (or higher)\n\nHP Color LaserJet CP6015\n Q3931A, Q3932A, Q3933A, Q3934A, Q3935A\n v 04.203.1 (or higher)\n\nHP LaserJet P4515\n CB514A,CB515A, CB516A, CB517A\n v 04.213.1 (or higher)\n\nHP Color LaserJet CM6030 Multifunction Printer\n CE664A, CE665A\n v 52.256.1 (or higher)\n\nHP LaserJet P4015\n CB509A, CB526A, CB511A, CB510A\n v 04.213.1 (or higher)\n\nHP LaserJet P4014\n CB507A, CB506A, CB512A\n v 04.213.1 (or higher)\n\nHISTORY\nVersion:1 (rev.1) - 22 September 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0224",
"trust": 2.7
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#978508",
"trust": 1.9
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "59824",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59380",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59661",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59191",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59188",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60176",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59375",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59101",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59441",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59163",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59142",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59186",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60567",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59189",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59445",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58639",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59282",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59132",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59506",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59383",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59135",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59659",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58492",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60066",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59192",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58667",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59223",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59004",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59459",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59214",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59338",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59429",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60577",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59530",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59448",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58759",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59012",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59894",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59055",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59368",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59518",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58716",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60049",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59043",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59878",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59370",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59435",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59495",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59120",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58579",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59529",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59284",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59389",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58745",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59167",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58128",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59442",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59040",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59093",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59885",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58660",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59460",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59354",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58743",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59362",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59446",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59602",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59305",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58433",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59502",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59374",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59264",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59528",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59325",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58385",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60819",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59525",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59231",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59365",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59202",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59451",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59190",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59447",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59589",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60522",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58742",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59677",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "61815",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59483",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59063",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58719",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59444",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59211",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59827",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59215",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59347",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58930",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59916",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58615",
"trust": 1.6
},
{
"db": "SIEMENS",
"id": "SSA-234763",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1031594",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1031032",
"trust": 1.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4645",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-24443",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080",
"trust": 0.6
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "DLINK",
"id": "SAP10046",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10643",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10659",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03F",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03G",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03C",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03D",
"trust": 0.3
},
{
"db": "JVN",
"id": "JVN61247051",
"trust": 0.3
},
{
"db": "BID",
"id": "67899",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0224",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127166",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127422",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127403",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127190",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128345",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"id": "VAR-201406-0445",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4594171644
},
"last_update_date": "2024-07-23T21:30:24.345000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "openssl-1.0.1h",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51081"
},
{
"title": "openssl-1.0.0m",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51080"
},
{
"title": "openssl-0.9.8za",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51079"
},
{
"title": "Amazon Linux AMI: ALAS-2014-351",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-351"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=d0eef6c81e529a1b8e4ea4b72eaef4d0"
},
{
"title": "Amazon Linux AMI: ALAS-2014-350",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-350"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b92b65104373bc8476811ff1b99cd369"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=a7d1e620ea07a6fd4d3ec24012763337"
},
{
"title": "Red Hat: CVE-2014-0224",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0224"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-3"
},
{
"title": "HP: HPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03107"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-4"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-2"
},
{
"title": "Debian Security Advisories: DSA-2950-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=909292f2afe623fbec51f7ab6b32f790"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Tenable Security Advisories: [R8] Tenable Products Affected by OpenSSL \u0027CCS Injection\u0027 Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2014-03"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2014-0224 "
},
{
"title": "crochet-technologies",
"trust": 0.1,
"url": "https://github.com/crochet-technology/crochet-technologies "
},
{
"title": "openssl-ccs-cve-2014-0224",
"trust": 0.1,
"url": "https://github.com/ssllabs/openssl-ccs-cve-2014-0224 "
},
{
"title": "android-development-best-practices",
"trust": 0.1,
"url": "https://github.com/niharika2810/android-development-best-practices "
},
{
"title": "ssl-grader",
"trust": 0.1,
"url": "https://github.com/sslyze410-sslgrader-wciphersuite-info/ssl-grader "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/dtarnawsky/capacitor-plugin-security-provider "
},
{
"title": "qualysparser",
"trust": 0.1,
"url": "https://github.com/pr4jwal/qualysparser "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/wanderwille/13.01 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-326",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 2.5,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 2.2,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1020948"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg1it02314"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676877"
},
{
"trust": 2.2,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 2.2,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004678"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 2.0,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 1.9,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29217"
},
{
"trust": 1.9,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.9,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1"
},
{
"trust": 1.9,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678233"
},
{
"trust": 1.9,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 1.9,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html"
},
{
"trust": 1.9,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.9,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037730"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037727"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676833"
},
{
"trust": 1.9,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.9,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.9,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 1.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020172"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0630.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0631.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0633.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0632.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0627.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0680.html"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095740"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677131"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676478"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037731"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037732"
},
{
"trust": 1.9,
"url": "http://www.kb.cert.org/vuls/id/978508"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59661"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60522"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59659"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"trust": 1.6,
"url": "https://access.redhat.com/site/blogs/766093/posts/908133"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140784085708882\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.6,
"url": "http://linux.oracle.com/errata/elsa-2014-1053.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58579"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59305"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.6,
"url": "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59429"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676333"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676334"
},
{
"trust": 1.6,
"url": "http://ccsinjection.lepidum.co.jp"
},
{
"trust": 1.6,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140852757108392\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6061\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58667"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59878"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59518"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140870499402361\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60066"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141025641601169\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140386311427810\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59093"
},
{
"trust": 1.6,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140369637402535\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59530"
},
{
"trust": 1.6,
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59894"
},
{
"trust": 1.6,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2014/jun/38"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58433"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59885"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59525"
},
{
"trust": 1.6,
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141147110427269\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677567"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59529"
},
{
"trust": 1.6,
"url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/releasenotes_for_snare_for_mssql.pdf"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59528"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:105"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:106"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59063"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141383410222440\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59186"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59189"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/61815"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140604261522465\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59188"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60049"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59190"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59192"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59191"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58660"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59502"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59506"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60176"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59040"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59282"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59163"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59284"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59043"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59167"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58742"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676845"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58743"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58745"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0624.html"
},
{
"trust": 1.6,
"url": "https://www.imperialviolet.org/2014/06/05/earlyccs.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59055"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140794476212181\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59602"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58759"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58639"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6060\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1031032"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59380"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59383"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59264"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59142"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0626.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59389"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140983229106599\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www.splunk.com/view/sp-caaam2d"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677390"
},
{
"trust": 1.6,
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60819"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037729"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59824"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58615"
},
{
"trust": 1.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103586"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59827"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.6,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59120"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59362"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59483"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59365"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59004"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59916"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.6,
"url": "http://esupport.trendmicro.com/solution/en-us/1103813.aspx"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv61506"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59370"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.6,
"url": "http://puppetlabs.com/security/cve/cve-2014-0224"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59132"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59374"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59495"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59012"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59375"
},
{
"trust": 1.6,
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140499864129699\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59135"
},
{
"trust": 1.6,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59368"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58716"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58719"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1031594"
},
{
"trust": 1.6,
"url": "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677080"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58492"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59460"
},
{
"trust": 1.6,
"url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/releasenotes_for_snare_for_windows.pdf"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59101"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59223"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59215"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60567"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004690"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59214"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58128"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59338"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59459"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676786"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59231"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59354"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58385"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59347"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59589"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60577"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140852826008699\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58930"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141164638606214\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_release_notes.pdf"
},
{
"trust": 1.6,
"url": "https://discussions.nessus.org/thread/7517"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676536"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59442"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59441"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59202"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59444"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59435"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59677"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037870"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.6,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.6,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59451"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59211"
},
{
"trust": 1.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ssg1s1004670"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140672208601650\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ssg1s1004671"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59325"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59446"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59445"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59448"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59447"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.0,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=bc8923b1ec9c467755cd86f7848c50ee8812e441"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=bc8923b1ec9c467755cd86f7848c50ee8812e441"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4645/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/solutions/len-24443"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032618"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/en-us/support/knowledgebase/121112.aspx"
},
{
"trust": 0.3,
"url": "http://sylpheed.sraoss.jp/en/news.html"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://www.arubanetworks.com/support/alerts/aid-06062014.txt"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "http://bugs.python.org/issue21671"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004805"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04438404"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687640"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21682840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678123"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678073"
},
{
"trust": 0.3,
"url": "http://www.websense.com/support/article/kbarticle/july-2014-hotfix-summary-for-websense-solutions"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10643\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://jvn.jp/en/jp/jvn61247051/index.html"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://blogs.sophos.com/2014/06/10/openssl-man-in-the-middle-vulnerability-sophos-product-status-2/"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.innominate.com/data/downloads/software/innominate_security_advisory_20140606_001_en.pdf"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004758"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004747"
},
{
"trust": 0.3,
"url": "http://openvpn.net/index.php/open-source/downloads.html"
},
{
"trust": 0.3,
"url": "http://www8.hp.com/us/en/software-solutions/operations-analytics-operations-analysis/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://community.rapid7.com/community/metasploit/blog/2014/06/05/security-advisory-openssl-vulnerabilities-cve-2014-0224-cve-2014-0221-in-metasploit"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685551"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096059"
},
{
"trust": 0.3,
"url": "http://blogs.splunk.com/2014/06/09/splunk-and-the-latest-openssl-vulnerabilities/"
},
{
"trust": 0.3,
"url": "http://www.marshut.com/ixwnpv/stunnel-5-02-released.html"
},
{
"trust": 0.3,
"url": "http://blogs.sophos.com/2014/06/16/utm-up2date-9-113-released/"
},
{
"trust": 0.3,
"url": "http://blogs.sophos.com/2014/06/18/utm-up2date-9-203-released/"
},
{
"trust": 0.3,
"url": " https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04404764"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04385138"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101007404"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180978"
},
{
"trust": 0.3,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-03"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/21"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/9"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10659"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03d"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03g"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181096"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678040"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1it02314"
},
{
"trust": 0.3,
"url": "http://kb.parallels.com/en/121916"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036409"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032650#5.0.0.15"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032651"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034955"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020948"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04401858"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04397114"
},
{
"trust": 0.3,
"url": " https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479505"
},
{
"trust": 0.3,
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04512909"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368264"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347622"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347711"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docdisplay?docid=emr_na-c04351097"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04363613"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368546"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04370307"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04392919"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04398968"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04401666"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04451722"
},
{
"trust": 0.3,
"url": "https://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?spf_p.tpst=kbdocdisplay\u0026spf_p.prp_kbdocdisplay=wsrp-navigationalstate%3ddocid%253demr_na-c04406535-1%257cdoclocale%253d%"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docdisplay?docid=emr_na-c04425253"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04595094"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001840"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181215"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680546"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680511,swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg24037729"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678413"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680706,swg21680707,nas8n1020200,swg21680511,swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680707,nas8n1020200,swg21680511,swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004830"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678660"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677891"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676536"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095910"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/33a01-5228bdf5d027e/cert_security_mini-_bulletin_xrx15ao_for_cq8570-cq8870_v1-0.pdf"
},
{
"trust": 0.3,
"url": "http://www.novell.com/support/kb/doc.php?id=7015158"
},
{
"trust": 0.3,
"url": "http://securityadvisories.paloaltonetworks.com/home/detail/23?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:14.openssl.asc"
},
{
"trust": 0.3,
"url": "https://bto.bluecoat.com/security-advisory/sa80"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181079"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181566"
},
{
"trust": 0.3,
"url": "https://library.netapp.com/ecm/ecm_get_file/ecmp1636026"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676276"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676786"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0629.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21677225"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682398"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095738"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21683336"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021064"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21677080"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676877"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095841"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690128"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004678"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004824"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004690"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676542"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676543"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004744"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676333"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676708"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676505"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03b"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03f"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/stable-channel-update-for-chrome-os.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001842"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001839"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004821"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004670"
},
{
"trust": 0.3,
"url": "www-01.ibm.com/support/docview.wss?uid=ssg1s1004671"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2232-4/"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://winscp.net/eng/docs/history#5.5.4"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00073"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00074"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00070"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00076"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00079"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00071"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00075"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00078"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00072"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00077"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-3"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1332643"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.16"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.19"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3470"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/km01028458"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/km01020441"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=c03536"
},
{
"trust": 0.1,
"url": "https://www.hp.com"
}
],
"sources": [
{
"db": "BID",
"id": "67899"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"date": "2014-06-05T00:00:00",
"db": "BID",
"id": "67899"
},
{
"date": "2014-08-20T15:18:26",
"db": "PACKETSTORM",
"id": "127936"
},
{
"date": "2014-06-24T00:52:51",
"db": "PACKETSTORM",
"id": "127166"
},
{
"date": "2014-07-28T20:36:25",
"db": "PACKETSTORM",
"id": "127630"
},
{
"date": "2014-07-11T21:05:34",
"db": "PACKETSTORM",
"id": "127422"
},
{
"date": "2014-07-09T17:11:19",
"db": "PACKETSTORM",
"id": "127403"
},
{
"date": "2014-06-24T01:45:14",
"db": "PACKETSTORM",
"id": "127190"
},
{
"date": "2014-09-22T16:56:00",
"db": "PACKETSTORM",
"id": "128345"
},
{
"date": "2014-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"date": "2014-06-05T21:55:07.817000",
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"date": "2017-10-19T03:03:00",
"db": "BID",
"id": "67899"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"date": "2023-11-07T02:18:13.190000",
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Encryption problem vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
}
],
"trust": 0.6
}
}
VAR-201404-0008
Vulnerability from variot - Updated: 2024-07-23 20:53Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. OpenSSL is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible; however, this has not been confirmed. As long as all other products which SMH V7.3.3.1 for Linux x86 communicates with have been upgraded to the latest versions, it will not be vulnerable to the exploits described in CVE-2014-0224. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities
EMC Identifier: ESA-2014-079
CVE Identifier: See below for individual CVEs
Severity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE
Affected products:
\x95 All EMC Documentum Content Server versions of 7.1 prior to P07
\x95 All EMC Documentum Content Server versions of 7.0
\x95 All EMC Documentum Content Server versions of 6.7 SP2 prior to P16
\x95 All EMC Documentum Content Server versions of 6.7 SP1
\x95 All EMC Documentum Content Server versions prior to 6.7 SP1
Summary:
EMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL.
Details: EMC Documentum Content Server may be susceptible to the following vulnerabilities:
\x95 Arbitrary Code Execution (CVE-2014-4618): Authenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. CVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)
\x95 DQL Injection (CVE-2014-2520): Certain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Information Disclosure (CVE-2014-2521): Authenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Multiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores): SSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224) DTLS recursion flaw (CVE-2014-0221) DTLS invalid fragment vulnerability (CVE-2014-0195) SSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198) SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298) Anonymous ECDH denial of service (CVE-2014-3470) FLUSH + RELOAD cache side-channel attack (CVE-2014-0076) For more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt
Resolution: The following versions contain the resolution for these issues: \x95 EMC Documentum Content Server version 7.1 P07 and later \x95 EMC Documentum Content Server version 7.0: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \x95 EMC Documentum Content Server version 6.7 SP2 P16 and later \x95 EMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests.
EMC recommends all customers to upgrade to one of the above versions at the earliest opportunity.
Link to remedies: Registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server
For Hotfix, contact EMC Support.
Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.
For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.
EMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.
Release Date: 2014-08-08 Last Updated: 2014-08-08
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) running on Linux and Windows. These components of HP Insight Control server deployment could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. This bulletin provides the information needed to update the HP Insight Control server deployment solution.
Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101628
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.1 of HP Insight Control server deployment to resolve this vulnerability. HP has provided manual update steps if a version upgrade is not possible; if users wish to remain at v7.1.2, v7.2.0, or v7.2.1.
Note: It is important to check your current running version of HP Insight Control server deployment and to follow the correct steps listed below. For HP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and follow the steps below to remove the vulnerability. The vulnerability known as Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server deployment v7.3.1. That Security Bulletin with instructions on how to upgrade to v7.3.1 can be found here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n a-c04267749
HP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should take the following steps to remove this vulnerability.
Delete the files smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, rows 1 and 2. Delete the files "vcax86-.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba smhamd64-ccp023716.exe \express\hpfeatures\hpagents-ws\components\Win2008
2 http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 smhx86-cp023715.exe \express\hpfeatures\hpagents-ws\components\Win2008
3 http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13 vcax86-cp023742.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2 vcaamd64-cp023743.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Download and extract the HPSUM 5.3.6 component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793
Copy all content from extracted ZIP folder and paste into \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 on targets running Windows.
HP Insight Control server deployment users with v7.2.2:
Please upgrade to Insight Control server deployment v7.3.1 and follow the steps below for v7.3.1.
HP Insight Control server deployment users with v7.3.1:
Perform steps 1 - 4 as outlined above for users with HP Insight Control server deployment v7.1.2, v7.2.0, and v7.2.1. Download the HP SUM ZIP file from http://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f
Extract the contents from the HP SUM ZIP file to \eXpress\hpfeatures\fw-proLiant\components location on the Insight Control server deployment server
Related security bulletins:
For System Management Homepage please see Security bulletin HPSBMU03051 https ://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04 345210
For HP Version Control Agent please see Security bulletin HPSBMU03057 https:/ /h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434 9897
HISTORY Version:1 (rev.1) - 8 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2014:0625-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0625.html Issue date: 2014-06-05 CVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)
Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433
A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)
A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)
A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470.
All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free 1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write() 1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability 1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake 1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment 1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-perl-1.0.1e-16.el6_5.14.i686.rpm openssl-static-1.0.1e-16.el6_5.14.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm
ppc64: openssl-1.0.1e-16.el6_5.14.ppc.rpm openssl-1.0.1e-16.el6_5.14.ppc64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.ppc.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm openssl-devel-1.0.1e-16.el6_5.14.ppc.rpm openssl-devel-1.0.1e-16.el6_5.14.ppc64.rpm
s390x: openssl-1.0.1e-16.el6_5.14.s390.rpm openssl-1.0.1e-16.el6_5.14.s390x.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.s390.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm openssl-devel-1.0.1e-16.el6_5.14.s390.rpm openssl-devel-1.0.1e-16.el6_5.14.s390x.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-perl-1.0.1e-16.el6_5.14.i686.rpm openssl-static-1.0.1e-16.el6_5.14.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm openssl-perl-1.0.1e-16.el6_5.14.ppc64.rpm openssl-static-1.0.1e-16.el6_5.14.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm openssl-perl-1.0.1e-16.el6_5.14.s390x.rpm openssl-static-1.0.1e-16.el6_5.14.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-perl-1.0.1e-16.el6_5.14.i686.rpm openssl-static-1.0.1e-16.el6_5.14.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2010-5298.html https://www.redhat.com/security/data/cve/CVE-2014-0195.html https://www.redhat.com/security/data/cve/CVE-2014-0198.html https://www.redhat.com/security/data/cve/CVE-2014-0221.html https://www.redhat.com/security/data/cve/CVE-2014-0224.html https://www.redhat.com/security/data/cve/CVE-2014-3470.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/articles/904433 https://access.redhat.com/site/solutions/905793
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTkGAKXlSAg2UNWIIRAnrwAJ9sLrj3wCAZhJU00jxgt03unDAHywCfVjUB pJJhdOUzRUL8R2haDM4xrsk= =hZF8 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. Unvalidated Redirect Vulnerability (CVE-2015-0512)
A potential vulnerability in Unisphere Central may allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. The attacker can specify the location of the arbitrary site in the unvalidated parameter of a crafted URL. If this URL is accessed, the browser is redirected to the arbitrary site specified in the parameter.
CVSSv2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
- To search for a particular CVE, use the NVD database\x92s search utility at http://web.nvd.nist.gov/view/vuln/search
Resolution: The following Unisphere Central release contains resolutions to the above issues: \x95 Unisphere Central version 4.0.
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076).
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566).
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572).
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (CVE-2015-0205).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS kz0ex6eI6hA6qSwklA2NoXY= =GYjX -----END PGP SIGNATURE----- . These vulnerabilities include:
-
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.
-
HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2010-5298
4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
CVE-2014-0076
4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVE-2014-0195
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-0198
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0221
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0224
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-3470
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-3566
3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0705
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE recommends applying the following software updates to resolve the vulnerabilities in the impacted versions of HPE StoreVirtual products running HPE LeftHand OS.
LeftHand OS v11.5 - Patches 45019-00 and 45020 LeftHand OS v12.0 - Patches 50016-00 and 50017-00 LeftHand OS v12.5 - Patch 55016-00 LeftHand OS v12.6 - Patch 56002-00
Notes:
These patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision to OpenSSL v1.0.1e 48. These patches migrate Certificate Authority Hashing Algorithm from a weak hashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary
VMware product updates address OpenSSL security vulnerabilities. Relevant Releases
ESXi 5.5 prior to ESXi550-201406401-SG
- Problem Description
a.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0224, CVE-2014-0198,
CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to
these issues. The most important of these issues is
CVE-2014-0224.
CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to
be of moderate severity. Exploitation is highly unlikely or is
mitigated due to the application configuration.
CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL
Security Advisory (see Reference section below), do not affect
any VMware products. For readability
the affected products have been split into 3 tables below,
based on the different client-server configurations and
deployment scenarios. Applying these patches to
affected servers will mitigate the affected clients (See Table 1
below). can be mitigated by using a secure network such as
VPN (see Table 2 below).
Clients and servers that are deployed on an isolated network are
less exposed to CVE-2014-0224 (see Table 3 below). The affected
products are typically deployed to communicate over the
management network.
RECOMMENDATIONS
VMware recommends customers evaluate and deploy patches for
affected Servers in Table 1 below as these patches become
available. Patching these servers will remove the ability to
exploit the vulnerability described in CVE-2014-0224 on both
clients and servers. VMware recommends customers consider
applying patches to products listed in Table 2 & 3 as required.
Column 4 of the following tables lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
ESXi 5.5 ESXi ESXi550-
201406401-SG
Big Data Extensions 1.1 patch pending
Charge Back Manager 2.6 patch pending
Horizon Workspace Server
GATEWAY 1.8.1 patch pending
Horizon Workspace Server
GATEWAY 1.5 patch pending
Horizon Workspace Server
DATA 1.8.1 patch pending
Horizon Mirage Edge Gateway 4.4.2 patch pending
Horizon View 5.3.1 patch pending
Horizon View Feature Pack 5.3 SP2 patch pending
NSX for Multi-Hypervisor 4.1.2 patch pending
NSX for Multi-Hypervisor 4.0.3 patch pending
NSX for vSphere 6.0.4 patch pending
NVP 3.2.2 patch pending
vCAC 6.0.1 patch pending
vCloud Networking and Security 5.5.2 patch pending
vCloud Networking and Security 5.1.2 patch pending
vFabric Web Server 5.3.4 patch pending
vCHS - DPS-Data Protection 2.0 patch pending
Service
Table 2
========
Affected clients running a vulnerable version of OpenSSL 0.9.8
or 1.0.1 and communicating over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCSA 5.5 patch pending
vCSA 5.1 patch pending
vCSA 5.0 patch pending
ESXi 5.1 ESXi patch pending
ESXi 5.0 ESXi patch pending
Workstation 10.0.2 any patch pending
Workstation 9.0.3 any patch pending
Fusion 6.x OSX patch pending
Fusion 5.x OSX patch pending
Player 10.0.2 any patch pending
Player 9.0.3 any patch pending
Chargeback Manager 2.5.x patch pending
Horizon Workspace Client for 1.8.1 OSX patch pending
Mac
Horizon Workspace Client for 1.5 OSX patch pending
Mac
Horizon Workspace Client for 1.8.1 Windows patch pending
Windows
Horizon Workspace Client for 1.5 Windows patch pending
OVF Tool 3.5.1 patch pending
OVF Tool 3.0.1 patch pending
vCenter Operations Manager 5.8.1 patch pending
vCenter Support Assistant 5.5.0 patch pending
vCenter Support Assistant 5.5.1 patch pending
vCD 5.1.2 patch pending
vCD 5.1.3 patch pending
vCD 5.5.1.1 patch pending
vCenter Site Recovery Manager 5.0.3.1 patch pending
Table 3
=======
The following table lists all affected clients running a
vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating
over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCenter Server 5.5 any patch pending
vCenter Server 5.1 any patch pending
vCenter Server 5.0 any patch pending
Update Manager 5.5 Windows patch pending
Update Manager 5.1 Windows patch pending
Update Manager 5.0 Windows patch pending
Config Manager (VCM) 5.6 patch pending
Horizon View Client 5.3.1 patch pending
Horizon View Client 4.x patch pending
Horizon Workspace 1.8.1 patch pending
Horizon Workspace 1.5 patch pending
ITBM Standard 1.0.1 patch pending
ITBM Standard 1.0 patch pending
Studio 2.6.0.0 patch pending
Usage Meter 3.3 patch pending
vCenter Chargeback Manager 2.6 patch pending
vCenter Converter Standalone 5.5 patch pending
vCenter Converter Standalone 5.1 patch pending
vCD (VCHS) 5.6.2 patch pending
vCenter Site Recovery Manager 5.5.1 patch pending
vCenter Site Recovery Manager 5.1.1 patch pending
vFabric Application Director 5.2.0 patch pending
vFabric Application Director 5.0.0 patch pending
View Client 5.3.1 patch pending
View Client 4.x patch pending
VIX API 5.5 patch pending
VIX API 1.12 patch pending
vMA (Management Assistant) 5.1.0.1 patch pending
VMware Data Recovery 2.0.3 patch pending
VMware vSphere CLI 5.5 patch pending
vSphere Replication 5.5.1 patch pending
vSphere Replication 5.6 patch pending
vSphere SDK for Perl 5.5 patch pending
vSphere Storage Appliance 5.5.1 patch pending
vSphere Storage Appliance 5.1.3 patch pending
vSphere Support Assistant 5.5.1 patch pending
vSphere Support Assistant 5.5.0 patch pending
vSphere Virtual Disk 5.5 patch pending
Development Kit
vSphere Virtual Disk 5.1 patch pending
Development Kit
vSphere Virtual Disk 5.0 patch pending
Development Kit
- Solution
ESXi 5.5
Download: https://www.vmware.com/patchmgr/download.portal
Release Notes and Remediation Instructions: http://kb.vmware.com/kb/2077359
- Change Log
2014-06-10 VMSA-2014-0006 Initial security advisory in conjunction with the release of ESXi 5.5 updates on 2014-06-10
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
The attack can only be performed between a vulnerable client and server.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.
The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This issue was reported to OpenSSL on 9th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Jüri Aedla for reporting this issue. This issue was reported to OpenSSL on 23rd April 2014 via HP ZDI.
The fix was developed by Stephen Henson of the OpenSSL core team. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public. The fix was developed by Matt Caswell of the OpenSSL development team. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public.
OpenSSL 0.9.8 users should upgrade to 0.9.8za OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
Thanks to Felix Gröbert and Ivan Fratrić at Google for discovering this issue. This issue was reported to OpenSSL on 28th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Other issues
OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" Reported by Yuval Yarom and Naomi Benger. This issue was previously fixed in OpenSSL 1.0.1g.
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20140605.txt
Note: the online version of the advisory may be updated with additional details over time.
HP Systems Insight Manager v7.3 Hotfix kit HP Systems Insight Manager v7.2 Hotfix kit
http://h18013.www1.hp.com/products/servers/management/hpsim/download.html
NOTE: No reboot of the system is required after applying the HP SIM Hotfix kit. ============================================================================ Ubuntu Security Notice USN-2192-1 May 05, 2014
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
OpenSSL could be made to crash if it received specially crafted network traffic. (CVE-2010-5298)
It was discovered that OpenSSL incorrectly handled memory in the do_ssl3_write() function. (CVE-2014-0198)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.1
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.3
Ubuntu 12.10: libssl1.0.0 1.0.1c-3ubuntu2.8
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.13
After a standard system update you need to reboot your computer to make all the necessary changes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0008",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "ssl vpn 8.0r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.106"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 13.1r4-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.12"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"model": "junos 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "uacos c4.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr3000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "m220 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7775"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "4800g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "secure analytics 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"model": "secure analytics 2014.2r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.2"
},
{
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "10"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "oneview",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.10"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "f1000a and s family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "u200a and m family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "junos 11.4r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7765"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "hsr6602 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr93x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wx5002/5004 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos 11.4r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.0-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vsr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.3r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.1"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.2"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.8"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "junos 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "msr20 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.4r10-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "junos 5.0r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.10"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "hsr6800 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "ssl vpn 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.3.10"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "msr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "junos 10.4r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "junos 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "(comware family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12500v7)0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "cp1543-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "secure analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr30 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "strm 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos os 12.1x47-d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "jsa 2014.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7900.00"
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "f1000e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.0"
},
{
"model": "msr93x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "secure analytics 2014.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "junos 13.3r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.21"
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.5.0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "1.7.1"
},
{
"model": "strm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"model": "msr50 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "u200s and cs family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "security threat response manager 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.01"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "simatic s7-1500",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "strm/jsa 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ngfw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "junos 10.4r16",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr9xx russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.203"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr50-g2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.21"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos 5.0r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.13"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "1.8"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uacos c5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "uacos c5.0",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7755"
},
{
"model": "strm/jsa",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "imc uam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 10.4s",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 11.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "9500e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "2.0"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security threat response manager 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 10.4s15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "msr9xx family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "msr2000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "junos os 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "msr30-16 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "imc ead",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "msr4000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.21"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.1"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "a6600 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "f5000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "junos 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.62"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "1.9"
},
{
"model": "pk family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "junos os 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 11.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "junos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cms r17ac.g",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secblade fw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.2"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "junos os 14.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "junos 10.4r15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uacos c4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "p2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "junos 10.0s25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "junos d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "junos 10.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.05"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "msr20-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.107"
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "msr30-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "junos 12.1r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos os 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
}
],
"sources": [
{
"db": "BID",
"id": "66801"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1g",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "128001"
}
],
"trust": 0.5
},
"cve": "CVE-2010-5298",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2010-5298",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-5298",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-5298",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. OpenSSL is prone to a remote memory-corruption vulnerability. \nAn attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible; however, this has not been confirmed. As long as all other products which SMH V7.3.3.1 for Linux\nx86 communicates with have been upgraded to the latest versions, it will not\nbe vulnerable to the exploits described in CVE-2014-0224. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities \n\nEMC Identifier: ESA-2014-079\n\nCVE Identifier: See below for individual CVEs\n\nSeverity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE\n\nAffected products: \n\\x95\tAll EMC Documentum Content Server versions of 7.1 prior to P07\n\\x95\tAll EMC Documentum Content Server versions of 7.0\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP2 prior to P16\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP1\n\\x95\tAll EMC Documentum Content Server versions prior to 6.7 SP1\n \nSummary: \nEMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL. \n\nDetails: \nEMC Documentum Content Server may be susceptible to the following vulnerabilities:\n\n\\x95\tArbitrary Code Execution (CVE-2014-4618):\nAuthenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. \nCVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)\n\n\\x95\tDQL Injection (CVE-2014-2520):\nCertain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tInformation Disclosure (CVE-2014-2521):\nAuthenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tMultiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores):\n\tSSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224)\n\tDTLS recursion flaw (CVE-2014-0221)\n\tDTLS invalid fragment vulnerability (CVE-2014-0195)\n\tSSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198)\n\tSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n\tAnonymous ECDH denial of service (CVE-2014-3470)\n\tFLUSH + RELOAD cache side-channel attack (CVE-2014-0076)\nFor more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt \n\nResolution: \nThe following versions contain the resolution for these issues: \n\\x95\tEMC Documentum Content Server version 7.1 P07 and later\n\\x95\tEMC Documentum Content Server version 7.0: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\\x95\tEMC Documentum Content Server version 6.7 SP2 P16 and later\n\\x95\tEMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\nEMC recommends all customers to upgrade to one of the above versions at the earliest opportunity. \n\nLink to remedies:\nRegistered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server\n\nFor Hotfix, contact EMC Support. \n\n\n\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. \n\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. \n\nEMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. \n\nRelease Date: 2014-08-08\nLast Updated: 2014-08-08\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH), HP Smart Update Manager (SUM), and HP Version\nControl Agent (VCA) running on Linux and Windows. These components of HP\nInsight Control server deployment could be exploited remotely resulting in\ndenial of service (DoS), code execution, unauthorized access, or disclosure\nof information. \n\nHP Insight Control server deployment packages HP System Management Homepage\n(SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM)\nand deploys them through the following components. This bulletin provides the\ninformation needed to update the HP Insight Control server deployment\nsolution. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\nUpgrade Proliant Firmware\n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101628\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.1 of HP Insight Control server\ndeployment to resolve this vulnerability. HP has provided manual update steps\nif a version upgrade is not possible; if users wish to remain at v7.1.2,\nv7.2.0, or v7.2.1. \n\nNote: It is important to check your current running version of HP Insight\nControl server deployment and to follow the correct steps listed below. For\nHP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and\nfollow the steps below to remove the vulnerability. The vulnerability known\nas Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server\ndeployment v7.3.1. That Security Bulletin with instructions on how to upgrade\nto v7.3.1 can be found here:\n\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\na-c04267749\n\nHP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should\ntake the following steps to remove this vulnerability. \n\nDelete the files smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location\nlisted in the following table, rows 1 and 2. \nDelete the files \"vcax86-*.exe/vcaamd64-*.exe from Component Copy Location\nlisted in the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\n smhamd64-ccp023716.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\n smhx86-cp023715.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13\n vcax86-cp023742.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2\n vcaamd64-cp023743.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nDownload and extract the HPSUM 5.3.6 component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793\n\nCopy all content from extracted ZIP folder and paste into\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 on targets running\nWindows. \n\nHP Insight Control server deployment users with v7.2.2:\n\nPlease upgrade to Insight Control server deployment v7.3.1 and follow the\nsteps below for v7.3.1. \n\nHP Insight Control server deployment users with v7.3.1:\n\nPerform steps 1 - 4 as outlined above for users with HP Insight Control\nserver deployment v7.1.2, v7.2.0, and v7.2.1. \nDownload the HP SUM ZIP file from\nhttp://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f\n\nExtract the contents from the HP SUM ZIP file to\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components location on the Insight Control\nserver deployment server\n\nRelated security bulletins:\n\nFor System Management Homepage please see Security bulletin HPSBMU03051 https\n://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04\n345210\n\nFor HP Version Control Agent please see Security bulletin HPSBMU03057 https:/\n/h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434\n9897\n\nHISTORY\nVersion:1 (rev.1) - 8 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2014:0625-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0625.html\nIssue date: 2014-06-05\nCVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 \n CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to decrypt\nand modify traffic between a client and a server. (CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be\nusing a vulnerable version of OpenSSL; the server must be using OpenSSL\nversion 1.0.1 and above, and the client must be using any version of\nOpenSSL. For more information about this flaw, refer to:\nhttps://access.redhat.com/site/articles/904433\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid DTLS\npacket fragments. A remote attacker could possibly use this flaw to execute\narbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or\nserver using OpenSSL could crash or unexpectedly drop connections when\nprocessing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain DTLS\nServerHello requests. A specially crafted DTLS handshake packet could cause\na DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed\nanonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, J\u00fcri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGr\u00f6bert and Ivan Fratri\u0107 of Google as the original reporters of\nCVE-2014-3470. \n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free\n1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()\n1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability\n1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake\n1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment\n1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-static-1.0.1e-16.el6_5.14.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\n\nppc64:\nopenssl-1.0.1e-16.el6_5.14.ppc.rpm\nopenssl-1.0.1e-16.el6_5.14.ppc64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.ppc.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.ppc.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-16.el6_5.14.s390.rpm\nopenssl-1.0.1e-16.el6_5.14.s390x.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.s390.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.s390.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-static-1.0.1e-16.el6_5.14.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.ppc64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.s390x.rpm\nopenssl-static-1.0.1e-16.el6_5.14.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-static-1.0.1e-16.el6_5.14.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2010-5298.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0195.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0198.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0221.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0224.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3470.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/site/articles/904433\nhttps://access.redhat.com/site/solutions/905793\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFTkGAKXlSAg2UNWIIRAnrwAJ9sLrj3wCAZhJU00jxgt03unDAHywCfVjUB\npJJhdOUzRUL8R2haDM4xrsk=\n=hZF8\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. \tUnvalidated Redirect Vulnerability (CVE-2015-0512)\n\nA potential vulnerability in Unisphere Central may allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. The attacker can specify the location of the arbitrary site in the unvalidated parameter of a crafted URL. If this URL is accessed, the browser is redirected to the arbitrary site specified in the parameter. \n\nCVSSv2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)\n\n2. To search for a particular CVE, use the NVD database\\x92s search utility at http://web.nvd.nist.gov/view/vuln/search\n\nResolution: \nThe following Unisphere Central release contains resolutions to the above issues:\n\\x95\tUnisphere Central version 4.0. \n \n The Montgomery ladder implementation in OpenSSL through 1.0.0l does\n not ensure that certain swap operations have a constant-time behavior,\n which makes it easier for local users to obtain ECDSA nonces via a\n FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). \n \n The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square\n of a BIGNUM value, which might make it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors,\n related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and\n crypto/bn/bn_asm.c (CVE-2014-3570). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote\n SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger\n a loss of forward secrecy by omitting the ServerKeyExchange message\n (CVE-2014-3572). \n \n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n does not enforce certain constraints on certificate data, which allows\n remote attackers to defeat a fingerprint-based certificate-blacklist\n protection mechanism by including crafted data within a\n certificate\u0026#039;s unsigned portion, related to crypto/asn1/a_verify.c,\n crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c\n (CVE-2014-8275). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before\n 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a\n Diffie-Hellman (DH) certificate without requiring a CertificateVerify\n message, which allows remote attackers to obtain access without\n knowledge of a private key via crafted TLS Handshake Protocol traffic\n to a server that recognizes a Certification Authority with DH support\n (CVE-2015-0205). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS\nkz0ex6eI6hA6qSwklA2NoXY=\n=GYjX\n-----END PGP SIGNATURE-----\n. These vulnerabilities include: \n\n* The SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \n\n - HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2010-5298\n 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\n 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)\n\n CVE-2014-0076\n 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2014-0195\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-0198\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0221\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0224\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-3470\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-3566\n 3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0705\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends applying the following software updates to resolve the\nvulnerabilities in the impacted versions of HPE StoreVirtual products running\nHPE LeftHand OS. \n\nLeftHand OS v11.5 - Patches 45019-00 and 45020 \nLeftHand OS v12.0 - Patches 50016-00 and 50017-00 \nLeftHand OS v12.5 - Patch 55016-00 \nLeftHand OS v12.6 - Patch 56002-00 \n\n**Notes:**\n\nThese patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision\nto OpenSSL v1.0.1e 48. \nThese patches migrate Certificate Authority Hashing Algorithm from a weak\nhashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary\n\n VMware product updates address OpenSSL security vulnerabilities. Relevant Releases\n\n ESXi 5.5 prior to ESXi550-201406401-SG\n\n\n3. Problem Description\n\n a. \n \n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n\n has assigned the names CVE-2014-0224, CVE-2014-0198, \n CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to\n these issues. The most important of these issues is \n CVE-2014-0224. \n\n CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to\n be of moderate severity. Exploitation is highly unlikely or is\n mitigated due to the application configuration. \n\n CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL \n Security Advisory (see Reference section below), do not affect\n any VMware products. For readability\n the affected products have been split into 3 tables below, \n based on the different client-server configurations and\n deployment scenarios. Applying these patches to \n affected servers will mitigate the affected clients (See Table 1\n below). can be mitigated by using a secure network such as \n VPN (see Table 2 below). \n \n Clients and servers that are deployed on an isolated network are\n less exposed to CVE-2014-0224 (see Table 3 below). The affected\n products are typically deployed to communicate over the\n management network. \n\n RECOMMENDATIONS\n\n VMware recommends customers evaluate and deploy patches for\n affected Servers in Table 1 below as these patches become\n available. Patching these servers will remove the ability to\n exploit the vulnerability described in CVE-2014-0224 on both\n clients and servers. VMware recommends customers consider \n applying patches to products listed in Table 2 \u0026 3 as required. \n\n Column 4 of the following tables lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n ESXi 5.5 ESXi ESXi550-\n 201406401-SG \n\n Big Data Extensions 1.1 patch pending \n Charge Back Manager 2.6 patch pending \n\n Horizon Workspace Server \n GATEWAY 1.8.1 patch pending \n Horizon Workspace Server \n GATEWAY 1.5 patch pending \n\n Horizon Workspace Server \n DATA 1.8.1 patch pending \n\n Horizon Mirage Edge Gateway 4.4.2 patch pending \n Horizon View 5.3.1 patch pending \n\n Horizon View Feature Pack 5.3 SP2 patch pending \n\n NSX for Multi-Hypervisor 4.1.2 patch pending \n NSX for Multi-Hypervisor 4.0.3 patch pending \n NSX for vSphere 6.0.4 patch pending \n NVP 3.2.2 patch pending \n vCAC 6.0.1 patch pending \n\n vCloud Networking and Security 5.5.2 \t\t patch pending \n vCloud Networking and Security 5.1.2 \t\t patch pending \n\n vFabric Web Server 5.3.4 patch pending \n\n vCHS - DPS-Data Protection 2.0 patch pending \n Service\n\n Table 2\n ========\n Affected clients running a vulnerable version of OpenSSL 0.9.8 \n or 1.0.1 and communicating over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCSA 5.5 patch pending \n vCSA 5.1 patch pending \n vCSA 5.0 patch pending \n\n\n ESXi 5.1 ESXi patch pending \n ESXi 5.0 ESXi patch pending \n\n Workstation 10.0.2 any patch pending \n Workstation 9.0.3 any patch pending \n Fusion 6.x OSX patch pending \n Fusion 5.x OSX patch pending \n Player 10.0.2 any patch pending \n Player 9.0.3 any patch pending \n\n Chargeback Manager 2.5.x patch pending \n\n Horizon Workspace Client for 1.8.1 OSX patch pending \n Mac\n Horizon Workspace Client for 1.5 OSX patch pending \n Mac\n Horizon Workspace Client for 1.8.1 Windows patch pending \n Windows \n Horizon Workspace Client for 1.5 Windows patch pending \n\n OVF Tool 3.5.1 patch pending \n OVF Tool 3.0.1 patch pending \n\n vCenter Operations Manager 5.8.1 patch pending \n\n vCenter Support Assistant 5.5.0 patch pending \n vCenter Support Assistant 5.5.1 patch pending \n \n vCD 5.1.2 patch pending \n vCD 5.1.3 patch pending \n vCD 5.5.1.1 patch pending \n vCenter Site Recovery Manager 5.0.3.1 patch pending \n\n Table 3\n =======\n The following table lists all affected clients running a\n vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating\n over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCenter Server 5.5 any patch pending\n vCenter Server 5.1 any patch pending\n vCenter Server 5.0 any patch pending\n\n Update Manager 5.5 Windows patch pending\n Update Manager 5.1 Windows patch pending\n Update Manager 5.0 Windows patch pending \n\n Config Manager (VCM) 5.6 patch pending \n\n Horizon View Client 5.3.1 patch pending \n Horizon View Client 4.x patch pending\n Horizon Workspace 1.8.1 patch pending \n Horizon Workspace 1.5 patch pending \n \n \n ITBM Standard 1.0.1 patch pending \n ITBM Standard 1.0 patch pending \n \n Studio 2.6.0.0 patch pending \n \n Usage Meter 3.3 patch pending \n vCenter Chargeback Manager 2.6 patch pending \n vCenter Converter Standalone 5.5 patch pending \n vCenter Converter Standalone 5.1 patch pending \n vCD (VCHS) 5.6.2 patch pending \n \n vCenter Site Recovery Manager 5.5.1 patch pending \n vCenter Site Recovery Manager 5.1.1 patch pending\n\n vFabric Application Director 5.2.0 patch pending \n vFabric Application Director 5.0.0 patch pending \n View Client 5.3.1 patch pending \n View Client 4.x patch pending\n VIX API 5.5 patch pending \n VIX API 1.12 patch pending \n \n vMA (Management Assistant) 5.1.0.1 patch pending \n \n\n VMware Data Recovery 2.0.3 patch pending \n \n VMware vSphere CLI 5.5 patch pending \n \n vSphere Replication 5.5.1 patch pending \n vSphere Replication 5.6 patch pending \n vSphere SDK for Perl 5.5 patch pending \n vSphere Storage Appliance 5.5.1 patch pending \n vSphere Storage Appliance 5.1.3 patch pending \n vSphere Support Assistant 5.5.1 patch pending \n vSphere Support Assistant 5.5.0 patch pending\n vSphere Virtual Disk 5.5 patch pending \n Development Kit \n vSphere Virtual Disk 5.1 patch pending \n Development Kit\n vSphere Virtual Disk 5.0 patch pending \n Development Kit\n \n 4. Solution\n\n ESXi 5.5\n ----------------------------\n\n Download:\n https://www.vmware.com/patchmgr/download.portal\n\n Release Notes and Remediation Instructions:\n http://kb.vmware.com/kb/2077359\n\n 5. Change Log\n\n 2014-06-10 VMSA-2014-0006\n Initial security advisory in conjunction with the release of\n ESXi 5.5 updates on 2014-06-10\n\n- -----------------------------------------------------------------------\n \n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\nThe attack can only be performed between a vulnerable client *and*\nserver. \n\nThanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 1st May\n2014 via JPCERT/CC. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team partly based\non an original patch from KIKUCHI Masashi. \n\nDTLS recursion flaw (CVE-2014-0221)\n====================================\n\nBy sending an invalid DTLS handshake to an OpenSSL DTLS client the code\ncan be made to recurse eventually crashing in a DoS attack. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This\nissue was reported to OpenSSL on 9th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to J\u00fcri Aedla for reporting this issue. This issue was\nreported to OpenSSL on 23rd April 2014 via HP ZDI. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. This flaw\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is\nenabled, which is not the default and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. The fix was developed by\nMatt Caswell of the OpenSSL development team. \nThis flaw only affects multithreaded applications using OpenSSL 1.0.0\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the\ndefault and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8za\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this\nissue. This issue was reported to OpenSSL on 28th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOther issues\n============\n\nOpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for\nCVE-2014-0076: Fix for the attack described in the paper \"Recovering\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\nReported by Yuval Yarom and Naomi Benger. This issue was previously\nfixed in OpenSSL 1.0.1g. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20140605.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nHP Systems Insight Manager v7.3 Hotfix kit\nHP Systems Insight Manager v7.2 Hotfix kit\n\nhttp://h18013.www1.hp.com/products/servers/management/hpsim/download.html\n\nNOTE: No reboot of the system is required after applying the HP SIM Hotfix\nkit. ============================================================================\nUbuntu Security Notice USN-2192-1\nMay 05, 2014\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 13.10\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n\nSummary:\n\nOpenSSL could be made to crash if it received specially crafted network\ntraffic. \n(CVE-2010-5298)\n\nIt was discovered that OpenSSL incorrectly handled memory in the\ndo_ssl3_write() function. \n(CVE-2014-0198)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.1\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.3\n\nUbuntu 12.10:\n libssl1.0.0 1.0.1c-3ubuntu2.8\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.13\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "126927"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-5298",
"trust": 2.7
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.4
},
{
"db": "BID",
"id": "66801",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2014/04/13/1",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03G",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10643",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03F",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03C",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03D",
"trust": 0.3
},
{
"db": "MCAFEE",
"id": "SB10071",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2010-5298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127362",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127923",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126927",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130188",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127326",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127045",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128001",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126481",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126930",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "126927"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"id": "VAR-201404-0008",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.416493127826087
},
"last_update_date": "2024-07-23T20:53:19.246000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/10/fireeye_patches_os_torpedo_exploitdb_disclosure/"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2192-1"
},
{
"title": "Debian Security Advisories: DSA-2908-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=438bf64e25a46a5ac11098b5720d1bb6"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0198 Null pointer dereference bug in OpenSSL 1.0.1g and earlier",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=94b6140bb563b66b3bcd98992e854bf3"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0076",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1fc1fc75c3cab4aa04eb437a09a1da4f"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.4,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.4,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 1.4,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 1.1,
"url": "http://openwall.com/lists/oss-security/2014/04/13/1"
},
{
"trust": 1.1,
"url": "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191\u0026view=markup"
},
{
"trust": 1.1,
"url": "http://ftp.openbsd.org/pub/openbsd/patches/5.5/common/004_openssl.patch.sig"
},
{
"trust": 1.1,
"url": "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse"
},
{
"trust": 1.1,
"url": "https://rt.openssl.org/ticket/display.html?id=3265\u0026user=guest\u0026pass=guest"
},
{
"trust": 1.1,
"url": "http://www.openbsd.org/errata55.html#004_openssl"
},
{
"trust": 1.1,
"url": "https://rt.openssl.org/ticket/display.html?id=2167\u0026user=guest\u0026pass=guest"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/66801"
},
{
"trust": 1.1,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.1,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.1,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:090"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.1,
"url": "http://advisories.mageia.org/mgasa-2014-0187.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03g"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.4,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.4,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2014/q2/102"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2010_5298_race_conditions"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:09.openssl.asc"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10643\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15328.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180978"
},
{
"trust": 0.3,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-03"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03d"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368264"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347622"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004830"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10071"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/29a7e-50e49f9c009f9/cert_security_mini_bulletin_xrx14g_for_77xx_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory8.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690128"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03b"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03f"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0198.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2010-5298.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3470.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0195.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/362.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2192-1/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2520"
},
{
"trust": 0.1,
"url": "https://support.emc.com/downloads/2732_documentum-server"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2521"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-f6c141a7feeb4a358bbb28300f"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/905793"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1899"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/search"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1798"
},
{
"trust": 0.1,
"url": "https://support.emc.com/products/28224_unisphere-central"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2137"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0311"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0914"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0349"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0020"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1848"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1767"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5885"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0913"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/home.cfm."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6548"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1772"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150319.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150108.txt"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/products/service_pack/hpsu"
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2077359"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/patchmgr/download.portal"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.13"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1c-3ubuntu2.8"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2192-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/906703"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0628.html"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "126927"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "126927"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"date": "2014-04-13T00:00:00",
"db": "BID",
"id": "66801"
},
{
"date": "2014-07-06T18:53:39",
"db": "PACKETSTORM",
"id": "127362"
},
{
"date": "2014-08-19T16:52:04",
"db": "PACKETSTORM",
"id": "127923"
},
{
"date": "2014-08-08T21:53:16",
"db": "PACKETSTORM",
"id": "127807"
},
{
"date": "2014-06-05T15:17:27",
"db": "PACKETSTORM",
"id": "126927"
},
{
"date": "2015-01-30T22:43:20",
"db": "PACKETSTORM",
"id": "130188"
},
{
"date": "2015-03-27T20:42:44",
"db": "PACKETSTORM",
"id": "131044"
},
{
"date": "2017-01-25T21:54:44",
"db": "PACKETSTORM",
"id": "140720"
},
{
"date": "2014-07-02T21:43:37",
"db": "PACKETSTORM",
"id": "127326"
},
{
"date": "2014-06-11T23:18:46",
"db": "PACKETSTORM",
"id": "127045"
},
{
"date": "2014-06-05T21:13:52",
"db": "PACKETSTORM",
"id": "126961"
},
{
"date": "2014-08-26T11:11:00",
"db": "PACKETSTORM",
"id": "128001"
},
{
"date": "2014-05-05T17:16:01",
"db": "PACKETSTORM",
"id": "126481"
},
{
"date": "2014-06-05T15:19:35",
"db": "PACKETSTORM",
"id": "126930"
},
{
"date": "2014-04-14T22:38:08.590000",
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"date": "2017-05-23T16:24:00",
"db": "BID",
"id": "66801"
},
{
"date": "2022-08-29T20:53:02.917000",
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "66801"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL \u0027ssl3_release_read_buffer()\u0027 Use-After-Free Memory Corruption Vulnerability",
"sources": [
{
"db": "BID",
"id": "66801"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "66801"
}
],
"trust": 0.3
}
}
VAR-201506-0231
Vulnerability from variot - Updated: 2024-07-23 20:32The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.1o >= 0.9.8z_p7 >= 1.0.1o
Description
Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers referenced below for details.
Resolution
All OpenSSL 1.0.1 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1o"
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8z_p7"
References
[ 1 ] CVE-2014-8176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8176 [ 2 ] CVE-2015-1788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1788 [ 3 ] CVE-2015-1789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1789 [ 4 ] CVE-2015-1790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1790 [ 5 ] CVE-2015-1791 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1791 [ 6 ] CVE-2015-1792 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1792 [ 7 ] CVE-2015-4000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4000
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201506-02
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. This could allow remote attackers to cause a denial of service (crash) or potentially execute arbitrary code. This could allow remote attackers to cause a denial of service. This could allow remote attackers to cause a denial of service (crash) via crafted ASN.1-encoded PKCS#7 blobs. This could allow remote attackers to cause a denial of service (crash). This could allow remote attackers to cause a denial of service.
For the oldstable distribution (wheezy), these problems have been fixed in version 1.0.1e-2+deb7u17.
For the stable distribution (jessie), these problems have been fixed in version 1.0.1k-3+deb8u1.
For the testing distribution (stretch), these problems have been fixed in version 1.0.2b-1.
For the unstable distribution (sid), these problems have been fixed in version 1.0.2b-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n a-c05184351
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05184351 Version: 1
HPSBHF03613 rev.1 - HPE Network Products including iMC, VCX, and Comware using OpenSSL, Remote Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2016-07-05 Last Updated: 2016-07-05
Potential Security Impact: Remote Denial of Service (DoS), Unauthorized Access
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities in OpenSSL have been addressed with HPE network products including iMC, VCX, Comware 5 and Comware 7. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access.
Please refer to the RESOLUTION below for a list of impacted products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2014-8176
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2015-1788
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2015-1789
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2015-1790
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2015-1791
5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2015-1792
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2015-1793
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docI
d=emr_na-c01345499
RESOLUTION HPE has released the following software updates to resolve the vulnerabilities in the HP network products including iMC, VCX, Comware 5 and Comware 7.
COMWARE 5 Products
- A6600 (Comware 5) - Version: R3303P23
- HP Network Products
- JC165A HP 6600 RPE-X1 Router Module
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- HSR6602 (Comware 5) - Version: R3303P23
- HP Network Products
- JC176A HP 6602 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- HSR6800 (Comware 5) - Version: R3303P23
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- MSR20 (Comware 5) - Version: R2514P10
- HP Network Products
- JD432A HP A-MSR20-21 Router
- JD662A HP MSR20-20 Router
- JD663A HP A-MSR20-21 Router
- JD663B HP MSR20-21 Router
- JD664A HP MSR20-40 Router
- JF228A HP MSR20-40 Router
- JF283A HP MSR20-20 Router
- MSR20-1X (Comware 5) - Version: R2514P10
- HP Network Products
- JD431A HP MSR20-10 Router
- JD667A HP MSR20-15 IW Multi-Service Router
- JD668A HP MSR20-13 Multi-Service Router
- JD669A HP MSR20-13 W Multi-Service Router
- JD670A HP MSR20-15 A Multi-Service Router
- JD671A HP MSR20-15 AW Multi-Service Router
- JD672A HP MSR20-15 I Multi-Service Router
- JD673A HP MSR20-11 Multi-Service Router
- JD674A HP MSR20-12 Multi-Service Router
- JD675A HP MSR20-12 W Multi-Service Router
- JD676A HP MSR20-12 T1 Multi-Service Router
- JF236A HP MSR20-15-I Router
- JF237A HP MSR20-15-A Router
- JF238A HP MSR20-15-I-W Router
- JF239A HP MSR20-11 Router
- JF240A HP MSR20-13 Router
- JF241A HP MSR20-12 Router
- JF806A HP MSR20-12-T Router
- JF807A HP MSR20-12-W Router
- JF808A HP MSR20-13-W Router
- JF809A HP MSR20-15-A-W Router
- JF817A HP MSR20-15 Router
- JG209A HP MSR20-12-T-W Router (NA)
- JG210A HP MSR20-13-W Router (NA)
- MSR 30 (Comware 5) - Version: R2514P10
- HP Network Products
- JD654A HP MSR30-60 POE Multi-Service Router
- JD657A HP MSR30-40 Multi-Service Router
- JD658A HP MSR30-60 Multi-Service Router
- JD660A HP MSR30-20 POE Multi-Service Router
- JD661A HP MSR30-40 POE Multi-Service Router
- JD666A HP MSR30-20 Multi-Service Router
- JF229A HP MSR30-40 Router
- JF230A HP MSR30-60 Router
- JF232A HP RTMSR3040-AC-OVSAS-H3
- JF235A HP MSR30-20 DC Router
- JF284A HP MSR30-20 Router
- JF287A HP MSR30-40 DC Router
- JF801A HP MSR30-60 DC Router
- JF802A HP MSR30-20 PoE Router
- JF803A HP MSR30-40 PoE Router
- JF804A HP MSR30-60 PoE Router
- JG728A HP MSR30-20 TAA-compliant DC Router
- JG729A HP MSR30-20 TAA-compliant Router
- MSR 30-16 (Comware 5) - Version: R2514P10
- HP Network Products
- JD659A HP MSR30-16 POE Multi-Service Router
- JD665A HP MSR30-16 Multi-Service Router
- JF233A HP MSR30-16 Router
- JF234A HP MSR30-16 PoE Router
- MSR 30-1X (Comware 5) - Version: R2514P10
- HP Network Products
- JF800A HP MSR30-11 Router
- JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr
- JG182A HP MSR30-11E Router
- JG183A HP MSR30-11F Router
- JG184A HP MSR30-10 DC Router
- MSR 50 (Comware 5) - Version: R2514P10
- HP Network Products
- JD433A HP MSR50-40 Router
- JD653A HP MSR50 Processor Module
- JD655A HP MSR50-40 Multi-Service Router
- JD656A HP MSR50-60 Multi-Service Router
- JF231A HP MSR50-60 Router
- JF285A HP MSR50-40 DC Router
- JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply
- MSR 50-G2 (Comware 5) - Version: R2514P10
- HP Network Products
- JD429A HP MSR50 G2 Processor Module
- JD429B HP MSR50 G2 Processor Module
- MSR 9XX (Comware 5) - Version: R2514P10
- HP Network Products
- JF812A HP MSR900 Router
- JF813A HP MSR920 Router
- JF814A HP MSR900-W Router
- JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr
- JG207A HP MSR900-W Router (NA)
- JG208A HP MSR920-W Router (NA)
- MSR 93X (Comware 5) - Version: R2514P10
- HP Network Products
- JG511A HP MSR930 Router
- JG511B HP MSR930 Router
- JG512A HP MSR930 Wireless Router
- JG513A HP MSR930 3G Router
- JG513B HP MSR930 3G Router
- JG514A HP MSR931 Router
- JG514B HP MSR931 Router
- JG515A HP MSR931 3G Router
- JG516A HP MSR933 Router
- JG517A HP MSR933 3G Router
- JG518A HP MSR935 Router
- JG518B HP MSR935 Router
- JG519A HP MSR935 Wireless Router
- JG520A HP MSR935 3G Router
- JG531A HP MSR931 Dual 3G Router
- JG531B HP MSR931 Dual 3G Router
- JG596A HP MSR930 4G LTE/3G CDMA Router
- JG597A HP MSR936 Wireless Router
- JG665A HP MSR930 4G LTE/3G WCDMA Global Router
- JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
- JH009A HP MSR931 Serial (TI) Router
- JH010A HP MSR933 G.SHDSL (TI) Router
- JH011A HP MSR935 ADSL2+ (TI) Router
- JH012A HP MSR930 Wireless 802.11n (NA) Router
- JH012B HP MSR930 Wireless 802.11n (NA) Router
- JH013A HP MSR935 Wireless 802.11n (NA) Router
- MSR1000 (Comware 5) - Version: R2514P10
- HP Network Products
- JG732A HP MSR1003-8 AC Router
- 12500 (Comware 5) - Version: R1829P01
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JC808A HP 12500 TAA Main Processing Unit
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- 9500E (Comware 5) - Version: R1829P01
- HP Network Products
- JC124A HP A9508 Switch Chassis
- JC124B HP 9505 Switch Chassis
- JC125A HP A9512 Switch Chassis
- JC125B HP 9512 Switch Chassis
- JC474A HP A9508-V Switch Chassis
- JC474B HP 9508-V Switch Chassis
- 10500 (Comware 5) - Version: R1210P01
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC614A HP 10500 Main Processing Unit
- JC748A HP 10512 Switch Chassis
- JG375A HP 10500 TAA-compliant Main Processing Unit
- JG820A HP 10504 TAA-compliant Switch Chassis
- JG821A HP 10508 TAA-compliant Switch Chassis
- JG822A HP 10508-V TAA-compliant Switch Chassis
- JG823A HP 10512 TAA-compliant Switch Chassis
- 7500 (Comware 5) - Version: R6710P01
- HP Network Products
- JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port Gig-T/4-port GbE Combo
- JC697A HP 7502 TAA-compliant Main Processing Unit
- JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8 GbE Combo Ports
- JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP Ports
- JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit
- JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit
- JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD194A HP 7500 384Gbps Fabric Module
- JD194B HP 7500 384Gbps Fabric Module
- JD195A HP 7500 384Gbps Advanced Fabric Module
- JD196A HP 7502 Fabric Module
- JD220A HP 7500 768Gbps Fabric Module
- JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports
- JD238A HP 7510 Switch Chassis
- JD238B HP 7510 Switch Chassis
- JD239A HP 7506 Switch Chassis
- JD239B HP 7506 Switch Chassis
- JD240A HP 7503 Switch Chassis
- JD240B HP 7503 Switch Chassis
- JD241A HP 7506-V Switch Chassis
- JD241B HP 7506-V Switch Chassis
- JD242A HP 7502 Switch Chassis
- JD242B HP 7502 Switch Chassis
- JD243A HP 7503-S Switch Chassis with 1 Fabric Slot
- JD243B HP 7503-S Switch Chassis with 1 Fabric Slot
- JE164A HP E7902 Switch Chassis
- JE165A HP E7903 Switch Chassis
- JE166A HP E7903 1 Fabric Slot Switch Chassis
- JE167A HP E7906 Switch Chassis
- JE168A HP E7906 Vertical Switch Chassis
- JE169A HP E7910 Switch Chassis
- 5830 (Comware 5) - Version: R1118P13
- HP Network Products
- JC691A HP 5830AF-48G Switch with 1 Interface Slot
- JC694A HP 5830AF-96G Switch
- JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot
- JG374A HP 5830AF-96G TAA-compliant Switch
- 5800 (Comware 5) - Version: R1809P11
- HP Network Products
- JC099A HP 5800-24G-PoE Switch
- JC099B HP 5800-24G-PoE+ Switch
- JC100A HP 5800-24G Switch
- JC100B HP 5800-24G Switch
- JC101A HP 5800-48G Switch with 2 Slots
- JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots
- JC103A HP 5800-24G-SFP Switch
- JC103B HP 5800-24G-SFP Switch with 1 Interface Slot
- JC104A HP 5800-48G-PoE Switch
- JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot
- JC105A HP 5800-48G Switch
- JC105B HP 5800-48G Switch with 1 Interface Slot
- JG254A HP 5800-24G-PoE+ TAA-compliant Switch
- JG254B HP 5800-24G-PoE+ TAA-compliant Switch
- JG255A HP 5800-24G TAA-compliant Switch
- JG255B HP 5800-24G TAA-compliant Switch
- JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG225A HP 5800AF-48G Switch
- JG225B HP 5800AF-48G Switch
- JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots
- JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface
- JG243A HP 5820-24XG-SFP+ TAA-compliant Switch
- JG243B HP 5820-24XG-SFP+ TAA-compliant Switch
- JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots & 1 OAA Slot
- JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots and 1 OAA Slot
- JC106A HP 5820-14XG-SFP+ Switch with 2 Slots
- JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots & 1 OAA Slot
- JG219A HP 5820AF-24XG Switch
- JG219B HP 5820AF-24XG Switch
- JC102A HP 5820-24XG-SFP+ Switch
- JC102B HP 5820-24XG-SFP+ Switch
- 5500 HI (Comware 5) - Version: R5501P17
- HP Network Products
- JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots
- JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots
- JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots
- JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots
- 5500 EI (Comware 5) - Version: R2221P19
- HP Network Products
- JD373A HP 5500-24G DC EI Switch
- JD374A HP 5500-24G-SFP EI Switch
- JD375A HP 5500-48G EI Switch
- JD376A HP 5500-48G-PoE EI Switch
- JD377A HP 5500-24G EI Switch
- JD378A HP 5500-24G-PoE EI Switch
- JD379A HP 5500-24G-SFP DC EI Switch
- JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots
- JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots
- JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface
- JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots
- JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots
- JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- 4800G (Comware 5) - Version: R2221P19
- HP Network Products
- JD007A HP 4800-24G Switch
- JD008A HP 4800-24G-PoE Switch
- JD009A HP 4800-24G-SFP Switch
- JD010A HP 4800-48G Switch
- JD011A HP 4800-48G-PoE Switch
- 5500SI (Comware 5) - Version: R2221P20
- HP Network Products
- JD369A HP 5500-24G SI Switch
- JD370A HP 5500-48G SI Switch
- JD371A HP 5500-24G-PoE SI Switch
- JD372A HP 5500-48G-PoE SI Switch
- JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots
- JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots
- 4500G (Comware 5) - Version: R2221P20
- HP Network Products
- JF428A HP 4510-48G Switch
- JF847A HP 4510-24G Switch
- 5120 EI (Comware 5) - Version: R2221P20
- HP Network Products
- JE066A HP 5120-24G EI Switch
- JE067A HP 5120-48G EI Switch
- JE068A HP 5120-24G EI Switch with 2 Interface Slots
- JE069A HP 5120-48G EI Switch with 2 Interface Slots
- JE070A HP 5120-24G-PoE EI 2-slot Switch
- JE071A HP 5120-48G-PoE EI 2-slot Switch
- JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots
- JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots
- JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots
- JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots
- JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots
- JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots
- 4210G (Comware 5) - Version: R2221P20
- HP Network Products
- JF844A HP 4210-24G Switch
- JF845A HP 4210-48G Switch
- JF846A HP 4210-24G-PoE Switch
- 5120 SI (Comware 5) - Version: R1516
- HP Network Products
- JE072A HP 5120-48G SI Switch
- JE072B HPE 5120 48G SI Switch
- JE073A HP 5120-16G SI Switch
- JE073B HPE 5120 16G SI Switch
- JE074A HP 5120-24G SI Switch
- JE074B HPE 5120 24G SI Switch
- JG091A HP 5120-24G-PoE+ (370W) SI Switch
- JG091B HPE 5120 24G PoE+ (370W) SI Switch
- JG092A HP 5120-24G-PoE+ (170W) SI Switch
- JG309B HPE 5120 8G PoE+ (180W) SI Switch
- JG310B HPE 5120 8G PoE+ (65W) SI Switch
- 3610 (Comware 5) - Version: R5319P14
- HP Network Products
- JD335A HP 3610-48 Switch
- JD336A HP 3610-24-4G-SFP Switch
- JD337A HP 3610-24-2G-2G-SFP Switch
- JD338A HP 3610-24-SFP Switch
- 3600V2 (Comware 5) - Version: R2110P06
- HP Network Products
- JG299A HP 3600-24 v2 EI Switch
- JG299B HP 3600-24 v2 EI Switch
- JG300A HP 3600-48 v2 EI Switch
- JG300B HP 3600-48 v2 EI Switch
- JG301A HP 3600-24-PoE+ v2 EI Switch
- JG301B HP 3600-24-PoE+ v2 EI Switch
- JG301C HP 3600-24-PoE+ v2 EI Switch
- JG302A HP 3600-48-PoE+ v2 EI Switch
- JG302B HP 3600-48-PoE+ v2 EI Switch
- JG302C HP 3600-48-PoE+ v2 EI Switch
- JG303A HP 3600-24-SFP v2 EI Switch
- JG303B HP 3600-24-SFP v2 EI Switch
- JG304A HP 3600-24 v2 SI Switch
- JG304B HP 3600-24 v2 SI Switch
- JG305A HP 3600-48 v2 SI Switch
- JG305B HP 3600-48 v2 SI Switch
- JG306A HP 3600-24-PoE+ v2 SI Switch
- JG306B HP 3600-24-PoE+ v2 SI Switch
- JG306C HP 3600-24-PoE+ v2 SI Switch
- JG307A HP 3600-48-PoE+ v2 SI Switch
- JG307B HP 3600-48-PoE+ v2 SI Switch
- JG307C HP 3600-48-PoE+ v2 SI Switch
- 3100V2-48 (Comware 5) - Version: R2110P06
- HP Network Products
- JG315A HP 3100-48 v2 Switch
- JG315B HP 3100-48 v2 Switch
- HP870 (Comware 5) - Version: R2607P46
- HP Network Products
- JG723A HP 870 Unified Wired-WLAN Appliance
- JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance
- HP850 (Comware 5) - Version: R2607P46
- HP Network Products
- JG722A HP 850 Unified Wired-WLAN Appliance
- JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance
- HP830 (Comware 5) - Version: R3507P46
- HP Network Products
- JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch
- JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch
- JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch
- JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant
- HP6000 (Comware 5) - Version: R2507P46
- HP Network Products
- JG639A HP 10500/7500 20G Unified Wired-WLAN Module
- JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module
- WX5004-EI (Comware 5) - Version: R2507P46
- HP Network Products
- JD447B HP WX5002 Access Controller
- JD448A HP WX5004 Access Controller
- JD448B HP WX5004 Access Controller
- JD469A HP WX5004 Access Controller
- SecBlade FW (Comware 5) - Version: R3181P07
- HP Network Products
- JC635A HP 12500 VPN Firewall Module
- JD245A HP 9500 VPN Firewall Module
- JD249A HP 10500/7500 Advanced VPN Firewall Module
- JD250A HP 6600 Firewall Processing Router Module
- JD251A HP 8800 Firewall Processing Module
- JD255A HP 5820 VPN Firewall Module
- F1000-E (Comware 5) - Version: R3181P07
- HP Network Products
- JD272A HP F1000-E VPN Firewall Appliance
- F1000-A-EI (Comware 5) - Version: R3734P08
- HP Network Products
- JG214A HP F1000-A-EI VPN Firewall Appliance
- F1000-S-EI (Comware 5) - Version: R3734P08
- HP Network Products
- JG213A HP F1000-S-EI VPN Firewall Appliance
- F5000-A (Comware 5) - Version: F3210P26
- HP Network Products
- JD259A HP A5000-A5 VPN Firewall Chassis
- JG215A HP F5000 Firewall Main Processing Unit
- JG216A HP F5000 Firewall Standalone Chassis
- U200S and CS (Comware 5) - Version: F5123P33
- HP Network Products
- JD273A HP U200-S UTM Appliance
- U200A and M (Comware 5) - Version: F5123P33
- HP Network Products
- JD275A HP U200-A UTM Appliance
- F5000-C/S (Comware 5) - Version: R3811P05
- HP Network Products
- JG650A HP F5000-C VPN Firewall Appliance
- JG370A HP F5000-S VPN Firewall Appliance
- SecBlade III (Comware 5) - Version: R3820P06
- HP Network Products
- JG371A HP 12500 20Gbps VPN Firewall Module
- JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module
- 6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- 6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC165A) HP 6600 RPE-X1 Router Module
- JG781A) HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- 6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC176A) HP 6602 Router Chassis
- HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- SMB1910 (Comware 5) - Version: R1111
- HP Network Products
- JG540A HP 1910-48 Switch
- JG539A HP 1910-24-PoE+ Switch
- JG538A HP 1910-24 Switch
- JG537A HP 1910-8 -PoE+ Switch
- JG536A HP 1910-8 Switch
- SMB1920 (Comware 5) - Version: R1109
- HP Network Products
- JG928A HP 1920-48G-PoE+ (370W) Switch
- JG927A HP 1920-48G Switch
- JG926A HP 1920-24G-PoE+ (370W) Switch
- JG925A HP 1920-24G-PoE+ (180W) Switch
- JG924A HP 1920-24G Switch
- JG923A HP 1920-16G Switch
- JG922A HP 1920-8G-PoE+ (180W) Switch
- JG921A HP 1920-8G-PoE+ (65W) Switch
- JG920A HP 1920-8G Switch
- V1910 (Comware 5) - Version: R1516
- HP Network Products
- JE005A HP 1910-16G Switch
- JE006A HP 1910-24G Switch
- JE007A HP 1910-24G-PoE (365W) Switch
- JE008A HP 1910-24G-PoE(170W) Switch
- JE009A HP 1910-48G Switch
- JG348A HP 1910-8G Switch
- JG349A HP 1910-8G-PoE+ (65W) Switch
- JG350A HP 1910-8G-PoE+ (180W) Switch
- SMB 1620 (Comware 5) - Version: R1108
- HP Network Products
- JG914A HP 1620-48G Switch
- JG913A HP 1620-24G Switch
- JG912A HP 1620-8G Switch
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7376
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- 10500 (Comware 7) - Version: R7170
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- 12900 (Comware 7) - Version: R1138P01
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- 5900 (Comware 7) - Version: R2422P01
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- MSR1000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- MSR2000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- MSR3000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- MSR4000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- VSR (Comware 7) - Version: E0321P01
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- 7900 (Comware 7) - Version: R2138P01
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- 5130 (Comware 7) - Version: R3109P16
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- 5700 (Comware 7) - Version: R2422P01
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- 5930 (Comware 7) - Version: R2422P01
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- HSR6600 (Comware 7) - Version: R7103P05
- HP Network Products
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- HSR6800 (Comware 7) - Version: R7103P05
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing
- JH075A HP HSR6800 RSE-X3 Router Main Processing Unit
- 1950 (Comware 7) - Version: R3109P16
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- 7500 (Comware 7) - Version: R7170
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
iMC Products
- iMC Plat - Version: iMC Plat 7.1 E0303P16
- HP Network Products
- JD125A HP IMC Std S/W Platform w/100-node
- JD126A HP IMC Ent S/W Platform w/100-node
- JD808A HP IMC Ent Platform w/100-node License
- JD814A HP A-IMC Enterprise Edition Software DVD Media
- JD815A HP IMC Std Platform w/100-node License
- JD816A HP A-IMC Standard Edition Software DVD Media
- JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU
- JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU
- JF377A HP IMC Std S/W Platform w/100-node Lic
- JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU
- JF378A HP IMC Ent S/W Platform w/200-node Lic
- JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU
- JG546AAE HP IMC Basic SW Platform w/50-node E-LTU
- JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU
- JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU
- JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU
- JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU
- JG659AAE HP IMC Smart Connect VAE E-LTU
- JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU
- JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU
- JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU
- JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU
- JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU
- JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU
- iMC iNode - Version: iNode PC 7.1 E0313, or, iNode PC 7.2 (E0401)
- HP Network Products
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
- iMC TAM_UAM - Version: iMC UAM_TAM 7.1 (E0307)
- HP Network Products
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
- iMC NSM - Version: iMC WSM 7.1 E0303P10
- HP Network Products
- JD456A HP IMC WSM Software Module with 50-Access Point License
- JF414A HP IMC Wireless Service Manager Software Module with 50-Access Point License
- JF414AAE HP IMC Wireless Service Manager Software Module with 50-Access Point E-LTU
- JG551AAE HP PCM+ Mobility Manager to IMC Wireless Service Manager Module Upgrade with 250 Access Point E-LTU
- JG758AAE HP IMC WSM/RTLS w/ 50-node E-LTU
- JG769AAE HP PCM Mobility Manager to IMC Wireless Service Manager Upg with 250-node E-LTU
VCX Products
- VCX - Version: 9.8.18
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
HISTORY Version:1 (rev.1) - 5 July 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability with any HPE supported product, send Email to: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-15:10.openssl Security Advisory The FreeBSD Project
Topic: Multiple OpenSSL vulnerabilities
Category: contrib Module: openssl Announced: 2015-06-12 Affects: All supported versions of FreeBSD. Corrected: 2015-06-11 19:07:45 UTC (stable/10, 10.1-STABLE) 2015-06-12 07:23:55 UTC (releng/10.1, 10.1-RELEASE-p12) 2015-06-11 19:39:27 UTC (stable/9, 9.3-STABLE) 2015-06-12 07:23:55 UTC (releng/9.3, 9.3-RELEASE-p16) 2015-06-11 19:39:27 UTC (stable/8, 8.4-STABLE) 2015-06-12 07:23:55 UTC (releng/8.4, 8.4-RELEASE-p30) CVE Name: CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 CVE-2015-1792, CVE-2015-4000
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
II. [CVE-2015-1791]
The OpenSSL advisory also describes a problem that is identified as CVE-2014-8176, which is already fixed by an earlier FreeBSD Errata Notice, FreeBSD-EN-15:02.openssl.
III. [CVE-2015-4000]. [CVE-2015-1788]. This affects FreeBSD 10.1 only, as the problem was no longer exist in OpenSSL 0.9.8 series since July 2012. [CVE-2015-1790]. [CVE-2015-1792]
An attacker may be able to crash multi-thread applications that supports resumed TLS handshakes. [CVE-2015-1791]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.1]
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch.asc
gpg --verify openssl-10.1.patch.asc
[FreeBSD 9.3 and 8.4]
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch.asc
gpg --verify openssl-8.4.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r284286 releng/8.4/ r284295 stable/9/ r284286 releng/9.3/ r284295 stable/10/ r284285 releng/10.1/ r284295
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.1.4 (FreeBSD)
iQIcBAEBCgAGBQJVeopGAAoJEO1n7NZdz2rnzhQP/Ak6el188Y+7QbEYVfCZ7eG8 BQLj5TMGHV5swSKVlPcEuBlMwTjpgB5Gqhc8luDS0eIAuJGdcMPSrZDdXxWQFtPf pbfIwp/ElFc7d6ut0Y8t6fFLJbhTOoHJpzTGkFRfJkjinGOx7OZQPeLJsxSubbnL JKugZ3diH6yk6IPMf9SvhO/kYXUF1VbXQvHNTnqgdhFVkgF6tK22Pkl2XoJ9EHbh vBXft1yJwiYlZ//DxZuScTUj1pHYzK3bOpg//REJMWCMj1RVwQr2EyDa0Q2cT02d eRnSZykXD69eybyzEck+BvwnUYYJICimnHuE5t78UIr0D/NWyOAZTQ99z5TID5aV HXkcil+1E/Q+xBB4+5UOOnESf6cmiWwewQOVvD26ZY39E6oJXvsrWnyxIuCG6DL9 sLtxB6iTYlTX5Civ/VJX8H7rFiw4UwMembthvGzck22026iHjplWM3GCWz0E8O3R PrXBHjAzNFawK3owNMxFSUFTuFw/qY7EEwJ3SKCEC+hoxcLOl26NMxrQKRIAUk+I MMOaZfvOh2uM19y9SJZz8+sqU8gIm7ihDm5fuSkO8kY0jdvLwyS9bXAejN/lZ6oJ TyfTDDyXDOdaPpnpQehh6vQV0NiaJ+WXfGhfiE8/G/t6b1E0LlCaaGJTpYkildGe vVCM4Nyx4S9WDFOi76ug =dyhg -----END PGP SIGNATURE----- .
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1n-i486-1_slack14.1.txz: Upgraded. Fixes several bugs and security issues: o Malformed ECParameters causes infinite loop (CVE-2015-1788) o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) o CMS verify infinite loop with unknown hash function (CVE-2015-1792) o Race condition handling NewSessionTicket (CVE-2015-1791) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791 ( Security fix ) patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zg-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zg-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zg-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1n-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1n-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1n-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1n-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1n-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1n-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1n-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1n-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 383ecfed6bfef1440a44d7082745848a openssl-0.9.8zg-i486-1_slack13.0.txz fb186187ffa200e22d9450a9d0e321f6 openssl-solibs-0.9.8zg-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: eb52318ed52fef726402f0b2a74745c5 openssl-0.9.8zg-x86_64-1_slack13.0.txz 9447927b960a01b21149e28a9783021f openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 37f46f6b4fe2acbe217eaf7c0b33b704 openssl-0.9.8zg-i486-1_slack13.1.txz 986de2e71676f61d788a59a1e0c8de1f openssl-solibs-0.9.8zg-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: 6b160ce817dcde3ae5b3a861b284387b openssl-0.9.8zg-x86_64-1_slack13.1.txz 503d891680c711162386ea7e3daadca8 openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 5e7501b1d73d01d3d87704c3cfd3a888 openssl-0.9.8zg-i486-1_slack13.37.txz 874f0b59870dd3f259640c9930a02f99 openssl-solibs-0.9.8zg-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: b6d91614458040d461dff3c3eab45206 openssl-0.9.8zg-x86_64-1_slack13.37.txz be106df5e59c2be7fa442df8ba85ad0b openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz
Slackware 14.0 packages: ee7c3937e6a6d7ac7537f751af7da7b9 openssl-1.0.1n-i486-1_slack14.0.txz 758662437d33f99ec0a686cedeb1919e openssl-solibs-1.0.1n-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 2dfdc4729e93cf460018e9e30a6223dc openssl-1.0.1n-x86_64-1_slack14.0.txz 9cb4b34e97e60f6bfe4c843aabeae954 openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 5a9bf08d55615cfc097109c2e3786f7b openssl-1.0.1n-i486-1_slack14.1.txz fb1c05468e5c38d51a8ff6ac435e3a20 openssl-solibs-1.0.1n-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: 1ef5cede3f954c3e4741012ffa76b750 openssl-1.0.1n-x86_64-1_slack14.1.txz ea22c288c60ae1d7ea8c5b3a1608462b openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz
Slackware -current packages: 56db8712d653c060f910e8915a8f8656 a/openssl-solibs-1.0.1n-i586-1.txz 6d6264c9943e27240db5c8f5ec342e27 n/openssl-1.0.1n-i586-1.txz
Slackware x86_64 -current packages: e73f7aff5aa0ad14bc06428544f99ae2 a/openssl-solibs-1.0.1n-x86_64-1.txz 91b550b9eb0ac0c580e158375a93c0e4 n/openssl-1.0.1n-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1n-i486-1_slack14.1.txz openssl-solibs-1.0.1n-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address.
Please download the latest version of HPE Version Control Repository Manager (VCRM) (7.5.1) from the following location:
VCRM for Windows:
https://www.hp.com/swpublishing/MTX-b59b11be53744759a650eadeb4
VCRM for Linux is only available only with HPE Systems Insight Manager (HPE SIM):
https://www.hp.com/go/sim
HISTORY Version:1 (rev.1) - 12 May 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. OpenSSL Security Advisory [11 Jun 2015] =======================================
DHE man-in-the-middle protection (Logjam)
A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000).
OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit will be increased to 1024 bits in a future release.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n
Fixes for this issue were developed by Emilia Käsper and Kurt Roeckx of the OpenSSL development team.
This can be used to perform denial of service against any system which processes public keys, certificate requests or certificates. This includes TLS clients and TLS servers with client authentication enabled.
This issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent 1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The fix was developed by Andy Polyakov of the OpenSSL development team.
Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
Severity: Moderate
X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string.
An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki (Google), and independently on 11th April 2015 by Hanno Böck. The fix was developed by Emilia Käsper of the OpenSSL development team.
PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
Severity: Moderate
The PKCS#7 parsing code does not handle missing inner EncryptedContent correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing.
Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers are not affected.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 18th April 2015 by Michal Zalewski (Google). The fix was developed by Emilia Käsper of the OpenSSL development team.
CMS verify infinite loop with unknown hash function (CVE-2015-1792)
Severity: Moderate
When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID.
This can be used to perform denial of service against any system which verifies signedData messages using the CMS code.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
Race condition handling NewSessionTicket (CVE-2015-1791)
Severity: Low
If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was discovered by Emilia Käsper of the OpenSSL development team. The fix was developed by Matt Caswell of the OpenSSL development team.
Invalid free in DTLS (CVE-2014-8176)
Severity: Moderate
This vulnerability does not affect current versions of OpenSSL. It existed in previous OpenSSL versions and was fixed in June 2014.
If a DTLS peer receives application data between the ChangeCipherSpec and Finished messages, buffering of such data may cause an invalid free, resulting in a segmentation fault or potentially, memory corruption.
This issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
This issue was originally reported on March 28th 2014 in https://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert (Google). A fix was developed by zhu qun-ying.
The fix for this issue can be identified by commits bcc31166 (1.0.1), b79e6e3a (1.0.0) and 4b258e73 (0.9.8).
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150611.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0231",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.8,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "15.1"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.3"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0r"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zf"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "hs series all versions"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.2"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "hpe systems insight manager",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.01"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator probe option ver3.1.0.x to ver4.1.0.x"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.02"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx sip application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1 to v8.1"
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c cmm"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.63"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator agent ver3.3 to ver4.1"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v4.2 to v6.5"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.71"
},
{
"model": "hpe server migration pack",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver8.0"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.2"
},
{
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.54"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c ucm"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v7.1"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"model": "hpe insight control",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "none"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v7.1 to v8.1"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "systemmanager ver5.5.2 to ver6.2.1"
},
{
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.53"
},
{
"model": "hpe version control repository manager",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v4.1 to v6.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.2"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "jobcenter r14.1"
},
{
"model": "hpe matrix operating environment",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7500/nv5500/nv3500 series"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.4 to v9.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v4.1 to v6.5"
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7400/nv5400/nv3400 series"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator manager ver3.2.2 to ver4.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v4.2 to v6.5"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "mcoperations ver3.6.2 to ver4.2"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "system management homepage",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v7.1 to v8.1"
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "hpe insight control",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "server provisioning"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.1"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle exalogic infrastructure eecs 2.0.6.2.3"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "uddi registry v1.1 to v7.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0 manager component"
},
{
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"model": "db2 advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.10"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.14"
},
{
"model": "db2 express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.11"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "db2 workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "db2\u00ae connect? unlimited edition for system z\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.211"
},
{
"model": "db2 connect unlimited edition for system i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"model": "tivoli netcool system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.0.0"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.15"
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "db2 connect unlimited edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.18"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "db2\u00ae express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "cloud orchestrator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.3"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos 14.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.13"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.6"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.12"
},
{
"model": "version control agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.14"
},
{
"model": "junos 13.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "db2\u00ae connect? application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "db2 luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5.0.6"
},
{
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.04"
},
{
"model": "db2 connect enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "cloud orchestrator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.2"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.2"
},
{
"model": "ascenlink",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "7.2.3"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"model": "insight control server provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sterling integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"model": "workflow for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "db2\u00ae connect? unlimited edition for system i\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "imc products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"model": "rational requisitepro",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.9"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1.3"
},
{
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.4"
},
{
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "junos 14.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.8"
},
{
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.15"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "communications security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "db2 connect application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.13"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.8"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "db2\u00ae connect? unlimited edition for system z\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "cloud orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.3"
},
{
"model": "db2\u00ae connect? enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"model": "cloud orchestrator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.10.38"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "system networking rackswitch g8316",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "db2 advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.3"
},
{
"model": "cloud orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.2"
},
{
"model": "junos 12.3x48-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1.1"
},
{
"model": "infosphere master data management patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.33"
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1n",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.11"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "sametime unified telephony",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.15"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.9"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "rational requisitepro",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.18"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "db2 workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.6"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.10"
},
{
"model": "db2 connect unlimited edition for system i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "sterling connect:enterprise for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.4.03"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"model": "db2 connect? application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "junos 15.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.6"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "junos 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"model": "system networking rackswitch g8264t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "smartcloud provisioning for software virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.4.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "db2\u00ae enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "junos 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.12"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "project openssl 1.0.2b",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.9"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "junos 13.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.4"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "sterling connect:enterprise for unix ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "cloud orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "tivoli netcool system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.08"
},
{
"model": "system networking rackswitch g8264cs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.11.0"
},
{
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "db2\u00ae workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"model": "general parallel file system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.28"
},
{
"model": "security network controller 1.0.3387m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "junos 12.1x44-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "db2\u00ae connect? enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "junos 15.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.8"
},
{
"model": "db2\u00ae advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "50"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"model": "exalogic infrastructure eecs",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.6.2.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sterling connect:enterprise for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.38"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.07"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1.2"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "cloud orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.1"
},
{
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "hp-ux b.11.11.16.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.8"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.5"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "db2 advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2 enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.07"
},
{
"model": "junos 12.3x48-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.413"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.2"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.38"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "db2\u00ae enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "db2 enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0.5"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.3"
},
{
"model": "hp-ux b.11.11.13.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "system networking rackswitch g8124-e",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"model": "junos 14.1r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.16"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"model": "system networking rackswitch g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.10"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "db2 express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.11"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"model": "project openssl 0.9.8ze",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.63"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.12"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.7"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.1"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "hp-ux b.11.23.1.007",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "db2\u00ae express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "smartcloud orchestrator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.7"
},
{
"model": "db2 developer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "forticlient windows/mac",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "db2 connect enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "flashsystem 9848-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "flashsystem 9840-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "security directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.34"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "sterling connect:enterprise for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.4.04"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "db2 luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0.5"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.9"
},
{
"model": "db2\u00ae workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "db2\u00ae connect? unlimited edition for system i\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "system networking rackswitch g8264t",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.2.0"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.411"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.12.4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.5"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.3.0"
},
{
"model": "db2\u00ae connect? application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.16"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.4.0.4.0"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.10"
},
{
"model": "cloud orchestrator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.1"
},
{
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"model": "secure backup",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.3"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.6"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "junos 14.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.3"
},
{
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.3"
},
{
"model": "tivoli netcool system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "fortivoice enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.6"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "flashsystem 9846-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "db2 enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2 connect application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"model": "hp-ux b.11.11.02.008",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.11"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0"
},
{
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "junos 12.1x46-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "db2 connect unlimited advanced edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "netinsight",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.14"
},
{
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.5"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.35"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "system networking rackswitch g8332",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.21.0"
},
{
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "system networking rackswitch g8124",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.12"
},
{
"model": "db2 express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "db2\u00ae advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "project openssl 0.9.8zg",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 14.2r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.13"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "mobile connect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5"
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.6"
},
{
"model": "junos 13.2x51-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "powerkvm build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.157"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.26"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "virtual connect enterprise manager sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.17"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.8"
},
{
"model": "insight orchestration",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "db2\u00ae express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"model": "cloud orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.12"
},
{
"model": "project openssl 1.0.0s",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "db2 connect enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "vcx products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"model": "db2 connect unlimited edition for system i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "junos 12.1x47-d45",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "spectrum scale",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.10"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "db2 connect unlimited edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "db2 purescale feature",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "elastic storage server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.37"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "spectrum scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1.0"
},
{
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "tivoli netcool system service monitor fp14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "flashsystem 9843-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"model": "db2\u00ae connect? unlimited edition for system i\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "system networking rackswitch g8264cs",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"model": "junos 12.1x44-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"model": "hp-ux b.11.11.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "general parallel file system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "fortiddos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.1.5"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.2"
},
{
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "rational requisitepro",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.16"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "db2 connect application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.13"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.03"
},
{
"model": "forticlient ios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.41"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.19"
},
{
"model": "forticlient android",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"model": "db2 connect application server advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.19"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "hp-ux b.11.23.07.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.5"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "system networking rackswitch g8316",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.6"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.6"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "websphere mq for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "security directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1"
},
{
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "db2 advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "junos 12.1x46-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.3"
},
{
"model": "junos 12.3r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "elastic storage server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.09"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"model": "db2\u00ae connect? unlimited edition for system z\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.1"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.18"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.13"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.07"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "db2 advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "junos 13.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.3"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.1"
},
{
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"model": "junos 15.1x49-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "forticache",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "server migration pack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.41"
},
{
"model": "db2\u00ae advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.2"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "db2 advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "junos 14.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "workload deployer if9",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.12"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.010"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "flashsystem 9848-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "cloud orchestrator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "server migration pack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.16"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.33"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "sterling connect:enterprise for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.37"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35001.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "db2 purescale feature for enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "system networking rackswitch g8124",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.212"
},
{
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"model": "flashsystem 9846-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"model": "db2\u00ae connect? application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "fsso build",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "235"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "db2 connect unlimited edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "hp-ux b.11.11.14.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "sametime unified telephony",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "cloud orchestrator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "db2\u00ae workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "system networking rackswitch g8332",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.20.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "fortiadc",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.3"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "db2\u00ae connect? enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "db2\u00ae advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "junos 12.1x47-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.12"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.7"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "gpfs storage server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.15"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"model": "matrix operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "db2 workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.12"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "hp-ux b.11.11.15.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "db2 connect? application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.8"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "db2 enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "db2 connect application server advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "junos 15.1x49-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.1"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "db2\u00ae advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.6"
},
{
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"model": "cloud orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5"
},
{
"model": "db2\u00ae enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.12"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "db2 connect unlimited advanced edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "spectrum scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1.1"
},
{
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.214"
},
{
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "75158"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003080"
},
{
"db": "NVD",
"id": "CVE-2015-1788"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.9.8zf",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1788"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joseph Birr-Pixton",
"sources": [
{
"db": "BID",
"id": "75158"
}
],
"trust": 0.3
},
"cve": "CVE-2015-1788",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-1788",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-1788",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-1788",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1788"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003080"
},
{
"db": "NVD",
"id": "CVE-2015-1788"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to cause a denial-of-service condition. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.1o \u003e= 0.9.8z_p7\n \u003e= 1.0.1o\n\nDescription\n===========\n\nMultiple vulnerabilities have been found in OpenSSL. Please review the\nCVE identifiers referenced below for details. \n\nResolution\n==========\n\nAll OpenSSL 1.0.1 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1o\"\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8z_p7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-8176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8176\n[ 2 ] CVE-2015-1788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1788\n[ 3 ] CVE-2015-1789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1789\n[ 4 ] CVE-2015-1790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1790\n[ 5 ] CVE-2015-1791\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1791\n[ 6 ] CVE-2015-1792\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1792\n[ 7 ] CVE-2015-4000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4000\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201506-02\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. This could allow remote attackers to cause a denial of service\n (crash) or potentially execute arbitrary code. This\n could allow remote attackers to cause a denial of service. This could allow remote attackers to cause a denial of\n service (crash) via crafted ASN.1-encoded PKCS#7 blobs. This could allow remote attackers to cause\n a denial of service (crash). This could allow remote attackers to cause\n a denial of service. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 1.0.1e-2+deb7u17. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1k-3+deb8u1. \n\nFor the testing distribution (stretch), these problems have been fixed\nin version 1.0.2b-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2b-1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n\na-c05184351\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05184351\nVersion: 1\n\nHPSBHF03613 rev.1 - HPE Network Products including iMC, VCX, and Comware\nusing OpenSSL, Remote Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2016-07-05\nLast Updated: 2016-07-05\n\nPotential Security Impact: Remote Denial of Service (DoS), Unauthorized\nAccess\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities in OpenSSL have been addressed with HPE\nnetwork products including iMC, VCX, Comware 5 and Comware 7. The\nvulnerabilities could be exploited remotely resulting in Denial of Service\n(DoS) or unauthorized access. \n\nPlease refer to the RESOLUTION\n below for a list of impacted products. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2014-8176\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2015-1788\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2015-1789\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2015-1790\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2015-1791\n 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2015-1792\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2015-1793\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\n 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docI\nd=emr_na-c01345499\n\nRESOLUTION\nHPE has released the following software updates to resolve the\nvulnerabilities in the HP network products including iMC, VCX, Comware 5 and\nComware 7. \n\n**COMWARE 5 Products**\n\n + **A6600 (Comware 5) - Version: R3303P23**\n * HP Network Products\n - JC165A HP 6600 RPE-X1 Router Module\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n - JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n + **HSR6602 (Comware 5) - Version: R3303P23**\n * HP Network Products\n - JC176A HP 6602 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n + **HSR6800 (Comware 5) - Version: R3303P23**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n + **MSR20 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD432A HP A-MSR20-21 Router\n - JD662A HP MSR20-20 Router\n - JD663A HP A-MSR20-21 Router\n - JD663B HP MSR20-21 Router\n - JD664A HP MSR20-40 Router\n - JF228A HP MSR20-40 Router\n - JF283A HP MSR20-20 Router\n + **MSR20-1X (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD431A HP MSR20-10 Router\n - JD667A HP MSR20-15 IW Multi-Service Router\n - JD668A HP MSR20-13 Multi-Service Router\n - JD669A HP MSR20-13 W Multi-Service Router\n - JD670A HP MSR20-15 A Multi-Service Router\n - JD671A HP MSR20-15 AW Multi-Service Router\n - JD672A HP MSR20-15 I Multi-Service Router\n - JD673A HP MSR20-11 Multi-Service Router\n - JD674A HP MSR20-12 Multi-Service Router\n - JD675A HP MSR20-12 W Multi-Service Router\n - JD676A HP MSR20-12 T1 Multi-Service Router\n - JF236A HP MSR20-15-I Router\n - JF237A HP MSR20-15-A Router\n - JF238A HP MSR20-15-I-W Router\n - JF239A HP MSR20-11 Router\n - JF240A HP MSR20-13 Router\n - JF241A HP MSR20-12 Router\n - JF806A HP MSR20-12-T Router\n - JF807A HP MSR20-12-W Router\n - JF808A HP MSR20-13-W Router\n - JF809A HP MSR20-15-A-W Router\n - JF817A HP MSR20-15 Router\n - JG209A HP MSR20-12-T-W Router (NA)\n - JG210A HP MSR20-13-W Router (NA)\n + **MSR 30 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD654A HP MSR30-60 POE Multi-Service Router\n - JD657A HP MSR30-40 Multi-Service Router\n - JD658A HP MSR30-60 Multi-Service Router\n - JD660A HP MSR30-20 POE Multi-Service Router\n - JD661A HP MSR30-40 POE Multi-Service Router\n - JD666A HP MSR30-20 Multi-Service Router\n - JF229A HP MSR30-40 Router\n - JF230A HP MSR30-60 Router\n - JF232A HP RTMSR3040-AC-OVSAS-H3\n - JF235A HP MSR30-20 DC Router\n - JF284A HP MSR30-20 Router\n - JF287A HP MSR30-40 DC Router\n - JF801A HP MSR30-60 DC Router\n - JF802A HP MSR30-20 PoE Router\n - JF803A HP MSR30-40 PoE Router\n - JF804A HP MSR30-60 PoE Router\n - JG728A HP MSR30-20 TAA-compliant DC Router\n - JG729A HP MSR30-20 TAA-compliant Router\n + **MSR 30-16 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD659A HP MSR30-16 POE Multi-Service Router\n - JD665A HP MSR30-16 Multi-Service Router\n - JF233A HP MSR30-16 Router\n - JF234A HP MSR30-16 PoE Router\n + **MSR 30-1X (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JF800A HP MSR30-11 Router\n - JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\n - JG182A HP MSR30-11E Router\n - JG183A HP MSR30-11F Router\n - JG184A HP MSR30-10 DC Router\n + **MSR 50 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD433A HP MSR50-40 Router\n - JD653A HP MSR50 Processor Module\n - JD655A HP MSR50-40 Multi-Service Router\n - JD656A HP MSR50-60 Multi-Service Router\n - JF231A HP MSR50-60 Router\n - JF285A HP MSR50-40 DC Router\n - JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n + **MSR 50-G2 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD429A HP MSR50 G2 Processor Module\n - JD429B HP MSR50 G2 Processor Module\n + **MSR 9XX (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JF812A HP MSR900 Router\n - JF813A HP MSR920 Router\n - JF814A HP MSR900-W Router\n - JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr\n - JG207A HP MSR900-W Router (NA)\n - JG208A HP MSR920-W Router (NA)\n + **MSR 93X (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JG511A HP MSR930 Router\n - JG511B HP MSR930 Router\n - JG512A HP MSR930 Wireless Router\n - JG513A HP MSR930 3G Router\n - JG513B HP MSR930 3G Router\n - JG514A HP MSR931 Router\n - JG514B HP MSR931 Router\n - JG515A HP MSR931 3G Router\n - JG516A HP MSR933 Router\n - JG517A HP MSR933 3G Router\n - JG518A HP MSR935 Router\n - JG518B HP MSR935 Router\n - JG519A HP MSR935 Wireless Router\n - JG520A HP MSR935 3G Router\n - JG531A HP MSR931 Dual 3G Router\n - JG531B HP MSR931 Dual 3G Router\n - JG596A HP MSR930 4G LTE/3G CDMA Router\n - JG597A HP MSR936 Wireless Router\n - JG665A HP MSR930 4G LTE/3G WCDMA Global Router\n - JG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n - JH009A HP MSR931 Serial (TI) Router\n - JH010A HP MSR933 G.SHDSL (TI) Router\n - JH011A HP MSR935 ADSL2+ (TI) Router\n - JH012A HP MSR930 Wireless 802.11n (NA) Router\n - JH012B HP MSR930 Wireless 802.11n (NA) Router\n - JH013A HP MSR935 Wireless 802.11n (NA) Router\n + **MSR1000 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JG732A HP MSR1003-8 AC Router\n + **12500 (Comware 5) - Version: R1829P01**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JC808A HP 12500 TAA Main Processing Unit\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n + **9500E (Comware 5) - Version: R1829P01**\n * HP Network Products\n - JC124A HP A9508 Switch Chassis\n - JC124B HP 9505 Switch Chassis\n - JC125A HP A9512 Switch Chassis\n - JC125B HP 9512 Switch Chassis\n - JC474A HP A9508-V Switch Chassis\n - JC474B HP 9508-V Switch Chassis\n + **10500 (Comware 5) - Version: R1210P01**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC614A HP 10500 Main Processing Unit\n - JC748A HP 10512 Switch Chassis\n - JG375A HP 10500 TAA-compliant Main Processing Unit\n - JG820A HP 10504 TAA-compliant Switch Chassis\n - JG821A HP 10508 TAA-compliant Switch Chassis\n - JG822A HP 10508-V TAA-compliant Switch Chassis\n - JG823A HP 10512 TAA-compliant Switch Chassis\n + **7500 (Comware 5) - Version: R6710P01**\n * HP Network Products\n - JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port\nGig-T/4-port GbE Combo\n - JC697A HP 7502 TAA-compliant Main Processing Unit\n - JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8\nGbE Combo Ports\n - JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP\nPorts\n - JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit\n - JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit\n - JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD194A HP 7500 384Gbps Fabric Module\n - JD194B HP 7500 384Gbps Fabric Module\n - JD195A HP 7500 384Gbps Advanced Fabric Module\n - JD196A HP 7502 Fabric Module\n - JD220A HP 7500 768Gbps Fabric Module\n - JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports\n - JD238A HP 7510 Switch Chassis\n - JD238B HP 7510 Switch Chassis\n - JD239A HP 7506 Switch Chassis\n - JD239B HP 7506 Switch Chassis\n - JD240A HP 7503 Switch Chassis\n - JD240B HP 7503 Switch Chassis\n - JD241A HP 7506-V Switch Chassis\n - JD241B HP 7506-V Switch Chassis\n - JD242A HP 7502 Switch Chassis\n - JD242B HP 7502 Switch Chassis\n - JD243A HP 7503-S Switch Chassis with 1 Fabric Slot\n - JD243B HP 7503-S Switch Chassis with 1 Fabric Slot\n - JE164A HP E7902 Switch Chassis\n - JE165A HP E7903 Switch Chassis\n - JE166A HP E7903 1 Fabric Slot Switch Chassis\n - JE167A HP E7906 Switch Chassis\n - JE168A HP E7906 Vertical Switch Chassis\n - JE169A HP E7910 Switch Chassis\n + **5830 (Comware 5) - Version: R1118P13**\n * HP Network Products\n - JC691A HP 5830AF-48G Switch with 1 Interface Slot\n - JC694A HP 5830AF-96G Switch\n - JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot\n - JG374A HP 5830AF-96G TAA-compliant Switch\n + **5800 (Comware 5) - Version: R1809P11**\n * HP Network Products\n - JC099A HP 5800-24G-PoE Switch\n - JC099B HP 5800-24G-PoE+ Switch\n - JC100A HP 5800-24G Switch\n - JC100B HP 5800-24G Switch\n - JC101A HP 5800-48G Switch with 2 Slots\n - JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots\n - JC103A HP 5800-24G-SFP Switch\n - JC103B HP 5800-24G-SFP Switch with 1 Interface Slot\n - JC104A HP 5800-48G-PoE Switch\n - JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot\n - JC105A HP 5800-48G Switch\n - JC105B HP 5800-48G Switch with 1 Interface Slot\n - JG254A HP 5800-24G-PoE+ TAA-compliant Switch\n - JG254B HP 5800-24G-PoE+ TAA-compliant Switch\n - JG255A HP 5800-24G TAA-compliant Switch\n - JG255B HP 5800-24G TAA-compliant Switch\n - JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG225A HP 5800AF-48G Switch\n - JG225B HP 5800AF-48G Switch\n - JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots\n - JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface\n - JG243A HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG243B HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\n\u0026 1 OAA Slot\n - JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\nand 1 OAA Slot\n - JC106A HP 5820-14XG-SFP+ Switch with 2 Slots\n - JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots \u0026 1 OAA Slot\n - JG219A HP 5820AF-24XG Switch\n - JG219B HP 5820AF-24XG Switch\n - JC102A HP 5820-24XG-SFP+ Switch\n - JC102B HP 5820-24XG-SFP+ Switch\n + **5500 HI (Comware 5) - Version: R5501P17**\n * HP Network Products\n - JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots\n - JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots\n - JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots\n - JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots\n + **5500 EI (Comware 5) - Version: R2221P19**\n * HP Network Products\n - JD373A HP 5500-24G DC EI Switch\n - JD374A HP 5500-24G-SFP EI Switch\n - JD375A HP 5500-48G EI Switch\n - JD376A HP 5500-48G-PoE EI Switch\n - JD377A HP 5500-24G EI Switch\n - JD378A HP 5500-24G-PoE EI Switch\n - JD379A HP 5500-24G-SFP DC EI Switch\n - JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots\n - JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots\n - JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface\n - JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n - JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n + **4800G (Comware 5) - Version: R2221P19**\n * HP Network Products\n - JD007A HP 4800-24G Switch\n - JD008A HP 4800-24G-PoE Switch\n - JD009A HP 4800-24G-SFP Switch\n - JD010A HP 4800-48G Switch\n - JD011A HP 4800-48G-PoE Switch\n + **5500SI (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JD369A HP 5500-24G SI Switch\n - JD370A HP 5500-48G SI Switch\n - JD371A HP 5500-24G-PoE SI Switch\n - JD372A HP 5500-48G-PoE SI Switch\n - JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots\n - JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots\n + **4500G (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JF428A HP 4510-48G Switch\n - JF847A HP 4510-24G Switch\n + **5120 EI (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JE066A HP 5120-24G EI Switch\n - JE067A HP 5120-48G EI Switch\n - JE068A HP 5120-24G EI Switch with 2 Interface Slots\n - JE069A HP 5120-48G EI Switch with 2 Interface Slots\n - JE070A HP 5120-24G-PoE EI 2-slot Switch\n - JE071A HP 5120-48G-PoE EI 2-slot Switch\n - JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots\n - JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots\n - JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots\n - JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots\n + **4210G (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JF844A HP 4210-24G Switch\n - JF845A HP 4210-48G Switch\n - JF846A HP 4210-24G-PoE Switch\n + **5120 SI (Comware 5) - Version: R1516**\n * HP Network Products\n - JE072A HP 5120-48G SI Switch\n - JE072B HPE 5120 48G SI Switch\n - JE073A HP 5120-16G SI Switch\n - JE073B HPE 5120 16G SI Switch\n - JE074A HP 5120-24G SI Switch\n - JE074B HPE 5120 24G SI Switch\n - JG091A HP 5120-24G-PoE+ (370W) SI Switch\n - JG091B HPE 5120 24G PoE+ (370W) SI Switch\n - JG092A HP 5120-24G-PoE+ (170W) SI Switch\n - JG309B HPE 5120 8G PoE+ (180W) SI Switch\n - JG310B HPE 5120 8G PoE+ (65W) SI Switch\n + **3610 (Comware 5) - Version: R5319P14**\n * HP Network Products\n - JD335A HP 3610-48 Switch\n - JD336A HP 3610-24-4G-SFP Switch\n - JD337A HP 3610-24-2G-2G-SFP Switch\n - JD338A HP 3610-24-SFP Switch\n + **3600V2 (Comware 5) - Version: R2110P06**\n * HP Network Products\n - JG299A HP 3600-24 v2 EI Switch\n - JG299B HP 3600-24 v2 EI Switch\n - JG300A HP 3600-48 v2 EI Switch\n - JG300B HP 3600-48 v2 EI Switch\n - JG301A HP 3600-24-PoE+ v2 EI Switch\n - JG301B HP 3600-24-PoE+ v2 EI Switch\n - JG301C HP 3600-24-PoE+ v2 EI Switch\n - JG302A HP 3600-48-PoE+ v2 EI Switch\n - JG302B HP 3600-48-PoE+ v2 EI Switch\n - JG302C HP 3600-48-PoE+ v2 EI Switch\n - JG303A HP 3600-24-SFP v2 EI Switch\n - JG303B HP 3600-24-SFP v2 EI Switch\n - JG304A HP 3600-24 v2 SI Switch\n - JG304B HP 3600-24 v2 SI Switch\n - JG305A HP 3600-48 v2 SI Switch\n - JG305B HP 3600-48 v2 SI Switch\n - JG306A HP 3600-24-PoE+ v2 SI Switch\n - JG306B HP 3600-24-PoE+ v2 SI Switch\n - JG306C HP 3600-24-PoE+ v2 SI Switch\n - JG307A HP 3600-48-PoE+ v2 SI Switch\n - JG307B HP 3600-48-PoE+ v2 SI Switch\n - JG307C HP 3600-48-PoE+ v2 SI Switch\n + **3100V2-48 (Comware 5) - Version: R2110P06**\n * HP Network Products\n - JG315A HP 3100-48 v2 Switch\n - JG315B HP 3100-48 v2 Switch\n + **HP870 (Comware 5) - Version: R2607P46**\n * HP Network Products\n - JG723A HP 870 Unified Wired-WLAN Appliance\n - JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance\n + **HP850 (Comware 5) - Version: R2607P46**\n * HP Network Products\n - JG722A HP 850 Unified Wired-WLAN Appliance\n - JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance\n + **HP830 (Comware 5) - Version: R3507P46**\n * HP Network Products\n - JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch\n - JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch\n - JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch\n - JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant\n + **HP6000 (Comware 5) - Version: R2507P46**\n * HP Network Products\n - JG639A HP 10500/7500 20G Unified Wired-WLAN Module\n - JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module\n + **WX5004-EI (Comware 5) - Version: R2507P46**\n * HP Network Products\n - JD447B HP WX5002 Access Controller\n - JD448A HP WX5004 Access Controller\n - JD448B HP WX5004 Access Controller\n - JD469A HP WX5004 Access Controller\n + **SecBlade FW (Comware 5) - Version: R3181P07**\n * HP Network Products\n - JC635A HP 12500 VPN Firewall Module\n - JD245A HP 9500 VPN Firewall Module\n - JD249A HP 10500/7500 Advanced VPN Firewall Module\n - JD250A HP 6600 Firewall Processing Router Module\n - JD251A HP 8800 Firewall Processing Module\n - JD255A HP 5820 VPN Firewall Module\n + **F1000-E (Comware 5) - Version: R3181P07**\n * HP Network Products\n - JD272A HP F1000-E VPN Firewall Appliance\n + **F1000-A-EI (Comware 5) - Version: R3734P08**\n * HP Network Products\n - JG214A HP F1000-A-EI VPN Firewall Appliance\n + **F1000-S-EI (Comware 5) - Version: R3734P08**\n * HP Network Products\n - JG213A HP F1000-S-EI VPN Firewall Appliance\n + **F5000-A (Comware 5) - Version: F3210P26**\n * HP Network Products\n - JD259A HP A5000-A5 VPN Firewall Chassis\n - JG215A HP F5000 Firewall Main Processing Unit\n - JG216A HP F5000 Firewall Standalone Chassis\n + **U200S and CS (Comware 5) - Version: F5123P33**\n * HP Network Products\n - JD273A HP U200-S UTM Appliance\n + **U200A and M (Comware 5) - Version: F5123P33**\n * HP Network Products\n - JD275A HP U200-A UTM Appliance\n + **F5000-C/S (Comware 5) - Version: R3811P05**\n * HP Network Products\n - JG650A HP F5000-C VPN Firewall Appliance\n - JG370A HP F5000-S VPN Firewall Appliance\n + **SecBlade III (Comware 5) - Version: R3820P06**\n * HP Network Products\n - JG371A HP 12500 20Gbps VPN Firewall Module\n - JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module\n + **6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n + **6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC165A) HP 6600 RPE-X1 Router Module\n - JG781A) HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n + **6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC176A) HP 6602 Router Chassis\n + **HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n + **HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n + **SMB1910 (Comware 5) - Version: R1111**\n * HP Network Products\n - JG540A HP 1910-48 Switch\n - JG539A HP 1910-24-PoE+ Switch\n - JG538A HP 1910-24 Switch\n - JG537A HP 1910-8 -PoE+ Switch\n - JG536A HP 1910-8 Switch\n + **SMB1920 (Comware 5) - Version: R1109**\n * HP Network Products\n - JG928A HP 1920-48G-PoE+ (370W) Switch\n - JG927A HP 1920-48G Switch\n - JG926A HP 1920-24G-PoE+ (370W) Switch\n - JG925A HP 1920-24G-PoE+ (180W) Switch\n - JG924A HP 1920-24G Switch\n - JG923A HP 1920-16G Switch\n - JG922A HP 1920-8G-PoE+ (180W) Switch\n - JG921A HP 1920-8G-PoE+ (65W) Switch\n - JG920A HP 1920-8G Switch\n + **V1910 (Comware 5) - Version: R1516**\n * HP Network Products\n - JE005A HP 1910-16G Switch\n - JE006A HP 1910-24G Switch\n - JE007A HP 1910-24G-PoE (365W) Switch\n - JE008A HP 1910-24G-PoE(170W) Switch\n - JE009A HP 1910-48G Switch\n - JG348A HP 1910-8G Switch\n - JG349A HP 1910-8G-PoE+ (65W) Switch\n - JG350A HP 1910-8G-PoE+ (180W) Switch\n + **SMB 1620 (Comware 5) - Version: R1108**\n * HP Network Products\n - JG914A HP 1620-48G Switch\n - JG913A HP 1620-24G Switch\n - JG912A HP 1620-8G Switch\n\n**COMWARE 7 Products**\n\n + **12500 (Comware 7) - Version: R7376**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n + **10500 (Comware 7) - Version: R7170**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n + **12900 (Comware 7) - Version: R1138P01**\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n + **5900 (Comware 7) - Version: R2422P01**\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n + **MSR1000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n + **MSR2000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n + **MSR3000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n + **MSR4000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n + **VSR (Comware 7) - Version: E0321P01**\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n + **7900 (Comware 7) - Version: R2138P01**\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n + **5130 (Comware 7) - Version: R3109P16**\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n + **5700 (Comware 7) - Version: R2422P01**\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n + **5930 (Comware 7) - Version: R2422P01**\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n + **HSR6600 (Comware 7) - Version: R7103P05**\n * HP Network Products\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n + **HSR6800 (Comware 7) - Version: R7103P05**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing\n - JH075A HP HSR6800 RSE-X3 Router Main Processing Unit\n + **1950 (Comware 7) - Version: R3109P16**\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n + **7500 (Comware 7) - Version: R7170**\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n\n**iMC Products**\n\n + **iMC Plat - Version: iMC Plat 7.1 E0303P16**\n * HP Network Products\n - JD125A HP IMC Std S/W Platform w/100-node\n - JD126A HP IMC Ent S/W Platform w/100-node\n - JD808A HP IMC Ent Platform w/100-node License\n - JD814A HP A-IMC Enterprise Edition Software DVD Media\n - JD815A HP IMC Std Platform w/100-node License\n - JD816A HP A-IMC Standard Edition Software DVD Media\n - JF288AAE HP Network Director to Intelligent Management Center\nUpgrade E-LTU\n - JF289AAE HP Enterprise Management System to Intelligent Management\nCenter Upgrade E-LTU\n - JF377A HP IMC Std S/W Platform w/100-node Lic\n - JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU\n - JF378A HP IMC Ent S/W Platform w/200-node Lic\n - JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU\n - JG546AAE HP IMC Basic SW Platform w/50-node E-LTU\n - JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\n - JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU\n - JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU\n - JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU\n - JG659AAE HP IMC Smart Connect VAE E-LTU\n - JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU\n - JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU\n - JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU\n - JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU\n - JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU\n - JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU\n + **iMC iNode - Version: iNode PC 7.1 E0313, or, iNode PC 7.2 (E0401)**\n * HP Network Products\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n + **iMC TAM_UAM - Version: iMC UAM_TAM 7.1 (E0307)**\n * HP Network Products\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n + **iMC NSM - Version: iMC WSM 7.1 E0303P10**\n * HP Network Products\n - JD456A HP IMC WSM Software Module with 50-Access Point License\n - JF414A HP IMC Wireless Service Manager Software Module with 50-Access\nPoint License\n - JF414AAE HP IMC Wireless Service Manager Software Module with\n50-Access Point E-LTU\n - JG551AAE HP PCM+ Mobility Manager to IMC Wireless Service Manager\nModule Upgrade with 250 Access Point E-LTU\n - JG758AAE HP IMC WSM/RTLS w/ 50-node E-LTU\n - JG769AAE HP PCM Mobility Manager to IMC Wireless Service Manager Upg\nwith 250-node E-LTU\n\n**VCX Products**\n\n + **VCX - Version: 9.8.18**\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n\nHISTORY\nVersion:1 (rev.1) - 5 July 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability with any HPE supported\nproduct, send Email to: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-15:10.openssl Security Advisory\n The FreeBSD Project\n\nTopic: Multiple OpenSSL vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2015-06-12\nAffects: All supported versions of FreeBSD. \nCorrected: 2015-06-11 19:07:45 UTC (stable/10, 10.1-STABLE)\n 2015-06-12 07:23:55 UTC (releng/10.1, 10.1-RELEASE-p12)\n 2015-06-11 19:39:27 UTC (stable/9, 9.3-STABLE)\n 2015-06-12 07:23:55 UTC (releng/9.3, 9.3-RELEASE-p16)\n 2015-06-11 19:39:27 UTC (stable/8, 8.4-STABLE)\n 2015-06-12 07:23:55 UTC (releng/8.4, 8.4-RELEASE-p30)\nCVE Name: CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791\n CVE-2015-1792, CVE-2015-4000\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. [CVE-2015-1791]\n\nThe OpenSSL advisory also describes a problem that is identified as\nCVE-2014-8176, which is already fixed by an earlier FreeBSD Errata\nNotice, FreeBSD-EN-15:02.openssl. \n\nIII. [CVE-2015-4000]. \n[CVE-2015-1788]. This affects FreeBSD 10.1 only, as the problem\nwas no longer exist in OpenSSL 0.9.8 series since July 2012. [CVE-2015-1790]. [CVE-2015-1792]\n\nAn attacker may be able to crash multi-thread applications that\nsupports resumed TLS handshakes. [CVE-2015-1791]\n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch.asc\n# gpg --verify openssl-10.1.patch.asc\n\n[FreeBSD 9.3 and 8.4]\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch.asc\n# gpg --verify openssl-8.4.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r284286\nreleng/8.4/ r284295\nstable/9/ r284286\nreleng/9.3/ r284295\nstable/10/ r284285\nreleng/10.1/ r284295\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://www.openssl.org/news/secadv_20150611.txt\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788\u003e \n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:10.openssl.asc\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.1.4 (FreeBSD)\n\niQIcBAEBCgAGBQJVeopGAAoJEO1n7NZdz2rnzhQP/Ak6el188Y+7QbEYVfCZ7eG8\nBQLj5TMGHV5swSKVlPcEuBlMwTjpgB5Gqhc8luDS0eIAuJGdcMPSrZDdXxWQFtPf\npbfIwp/ElFc7d6ut0Y8t6fFLJbhTOoHJpzTGkFRfJkjinGOx7OZQPeLJsxSubbnL\nJKugZ3diH6yk6IPMf9SvhO/kYXUF1VbXQvHNTnqgdhFVkgF6tK22Pkl2XoJ9EHbh\nvBXft1yJwiYlZ//DxZuScTUj1pHYzK3bOpg//REJMWCMj1RVwQr2EyDa0Q2cT02d\neRnSZykXD69eybyzEck+BvwnUYYJICimnHuE5t78UIr0D/NWyOAZTQ99z5TID5aV\nHXkcil+1E/Q+xBB4+5UOOnESf6cmiWwewQOVvD26ZY39E6oJXvsrWnyxIuCG6DL9\nsLtxB6iTYlTX5Civ/VJX8H7rFiw4UwMembthvGzck22026iHjplWM3GCWz0E8O3R\nPrXBHjAzNFawK3owNMxFSUFTuFw/qY7EEwJ3SKCEC+hoxcLOl26NMxrQKRIAUk+I\nMMOaZfvOh2uM19y9SJZz8+sqU8gIm7ihDm5fuSkO8kY0jdvLwyS9bXAejN/lZ6oJ\nTyfTDDyXDOdaPpnpQehh6vQV0NiaJ+WXfGhfiE8/G/t6b1E0LlCaaGJTpYkildGe\nvVCM4Nyx4S9WDFOi76ug\n=dyhg\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1n-i486-1_slack14.1.txz: Upgraded. \n Fixes several bugs and security issues:\n o Malformed ECParameters causes infinite loop (CVE-2015-1788)\n o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)\n o CMS verify infinite loop with unknown hash function (CVE-2015-1792)\n o Race condition handling NewSessionTicket (CVE-2015-1791)\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zg-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zg-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zg-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1n-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1n-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1n-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1n-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1n-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1n-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1n-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1n-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n383ecfed6bfef1440a44d7082745848a openssl-0.9.8zg-i486-1_slack13.0.txz\nfb186187ffa200e22d9450a9d0e321f6 openssl-solibs-0.9.8zg-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\neb52318ed52fef726402f0b2a74745c5 openssl-0.9.8zg-x86_64-1_slack13.0.txz\n9447927b960a01b21149e28a9783021f openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n37f46f6b4fe2acbe217eaf7c0b33b704 openssl-0.9.8zg-i486-1_slack13.1.txz\n986de2e71676f61d788a59a1e0c8de1f openssl-solibs-0.9.8zg-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n6b160ce817dcde3ae5b3a861b284387b openssl-0.9.8zg-x86_64-1_slack13.1.txz\n503d891680c711162386ea7e3daadca8 openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n5e7501b1d73d01d3d87704c3cfd3a888 openssl-0.9.8zg-i486-1_slack13.37.txz\n874f0b59870dd3f259640c9930a02f99 openssl-solibs-0.9.8zg-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\nb6d91614458040d461dff3c3eab45206 openssl-0.9.8zg-x86_64-1_slack13.37.txz\nbe106df5e59c2be7fa442df8ba85ad0b openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\nee7c3937e6a6d7ac7537f751af7da7b9 openssl-1.0.1n-i486-1_slack14.0.txz\n758662437d33f99ec0a686cedeb1919e openssl-solibs-1.0.1n-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n2dfdc4729e93cf460018e9e30a6223dc openssl-1.0.1n-x86_64-1_slack14.0.txz\n9cb4b34e97e60f6bfe4c843aabeae954 openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n5a9bf08d55615cfc097109c2e3786f7b openssl-1.0.1n-i486-1_slack14.1.txz\nfb1c05468e5c38d51a8ff6ac435e3a20 openssl-solibs-1.0.1n-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n1ef5cede3f954c3e4741012ffa76b750 openssl-1.0.1n-x86_64-1_slack14.1.txz\nea22c288c60ae1d7ea8c5b3a1608462b openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n56db8712d653c060f910e8915a8f8656 a/openssl-solibs-1.0.1n-i586-1.txz\n6d6264c9943e27240db5c8f5ec342e27 n/openssl-1.0.1n-i586-1.txz\n\nSlackware x86_64 -current packages:\ne73f7aff5aa0ad14bc06428544f99ae2 a/openssl-solibs-1.0.1n-x86_64-1.txz\n91b550b9eb0ac0c580e158375a93c0e4 n/openssl-1.0.1n-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1n-i486-1_slack14.1.txz openssl-solibs-1.0.1n-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \n\nPlease download the latest version of HPE Version Control Repository Manager\n(VCRM) (7.5.1) from the following location:\n\nVCRM for Windows:\n\nhttps://www.hp.com/swpublishing/MTX-b59b11be53744759a650eadeb4\n\nVCRM for Linux is only available only with HPE Systems Insight Manager (HPE\nSIM):\n\nhttps://www.hp.com/go/sim\n\nHISTORY\nVersion:1 (rev.1) - 12 May 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. OpenSSL Security Advisory [11 Jun 2015]\n=======================================\n\nDHE man-in-the-middle protection (Logjam)\n====================================================================\n\nA vulnerability in the TLS protocol allows a man-in-the-middle\nattacker to downgrade vulnerable TLS connections using ephemeral\nDiffie-Hellman key exchange to 512-bit export-grade cryptography. This\nvulnerability is known as Logjam (CVE-2015-4000). \n\nOpenSSL has added protection for TLS clients by rejecting handshakes\nwith DH parameters shorter than 768 bits. This limit will be increased\nto 1024 bits in a future release. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\n\nFixes for this issue were developed by Emilia K\u00e4sper and Kurt Roeckx\nof the OpenSSL development team. \n\nThis can be used to perform denial of service against any\nsystem which processes public keys, certificate requests or\ncertificates. This includes TLS clients and TLS servers with\nclient authentication enabled. \n\nThis issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent\n1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s\nOpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The\nfix was developed by Andy Polyakov of the OpenSSL development team. \n\nExploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n===============================================================\n\nSeverity: Moderate\n\nX509_cmp_time does not properly check the length of the ASN1_TIME\nstring and can read a few bytes out of bounds. In addition,\nX509_cmp_time accepts an arbitrary number of fractional seconds in the\ntime string. \n\nAn attacker can use this to craft malformed certificates and CRLs of\nvarious sizes and potentially cause a segmentation fault, resulting in\na DoS on applications that verify certificates or CRLs. TLS clients\nthat verify CRLs are affected. TLS clients and servers with client\nauthentication enabled may be affected if they use custom verification\ncallbacks. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki\n(Google), and independently on 11th April 2015 by Hanno B\u00f6ck. The fix\nwas developed by Emilia K\u00e4sper of the OpenSSL development team. \n\nPKCS7 crash with missing EnvelopedContent (CVE-2015-1790)\n=========================================================\n\nSeverity: Moderate\n\nThe PKCS#7 parsing code does not handle missing inner EncryptedContent\ncorrectly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs\nwith missing content and trigger a NULL pointer dereference on parsing. \n\nApplications that decrypt PKCS#7 data or otherwise parse PKCS#7\nstructures from untrusted sources are affected. OpenSSL clients and\nservers are not affected. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 18th April 2015 by Michal\nZalewski (Google). The fix was developed by Emilia K\u00e4sper of the\nOpenSSL development team. \n\nCMS verify infinite loop with unknown hash function (CVE-2015-1792)\n===================================================================\n\nSeverity: Moderate\n\nWhen verifying a signedData message the CMS code can enter an infinite loop\nif presented with an unknown hash function OID. \n\nThis can be used to perform denial of service against any system which\nverifies signedData messages using the CMS code. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The\nfix was developed by Dr. Stephen Henson of the OpenSSL development team. \n\nRace condition handling NewSessionTicket (CVE-2015-1791)\n========================================================\n\nSeverity: Low\n\nIf a NewSessionTicket is received by a multi-threaded client when attempting to\nreuse a previous ticket then a race condition can occur potentially leading to\na double free of the ticket data. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was discovered by Emilia K\u00e4sper of the OpenSSL development team. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nInvalid free in DTLS (CVE-2014-8176)\n====================================\n\nSeverity: Moderate\n\nThis vulnerability does not affect current versions of OpenSSL. It\nexisted in previous OpenSSL versions and was fixed in June 2014. \n\nIf a DTLS peer receives application data between the ChangeCipherSpec\nand Finished messages, buffering of such data may cause an invalid\nfree, resulting in a segmentation fault or potentially, memory\ncorruption. \n\nThis issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThis issue was originally reported on March 28th 2014 in\nhttps://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen\nKariyanahalli, and subsequently by Ivan Fratric and Felix Groebert\n(Google). A fix was developed by zhu qun-ying. \n\nThe fix for this issue can be identified by commits bcc31166 (1.0.1),\nb79e6e3a (1.0.0) and 4b258e73 (0.9.8). \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150611.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1788"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003080"
},
{
"db": "BID",
"id": "75158"
},
{
"db": "VULMON",
"id": "CVE-2015-1788"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "169629"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-1788",
"trust": 2.9
},
{
"db": "JUNIPER",
"id": "JSA10694",
"trust": 1.4
},
{
"db": "BID",
"id": "75158",
"trust": 1.4
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032564",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10122",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU91445763",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003080",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-1788",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132398",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132291",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137772",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132285",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136989",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169629",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1788"
},
{
"db": "BID",
"id": "75158"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003080"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "NVD",
"id": "CVE-2015-1788"
}
]
},
"id": "VAR-201506-0231",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2242063475
},
"last_update_date": "2024-07-23T20:32:53.570000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht205031"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150612-openssl"
},
{
"title": "bn/bn_gf2m.c: avoid infinite loop wich malformed ECParamters.",
"trust": 0.8,
"url": "https://github.com/openssl/openssl/commit/4924b37ee01f71ae19c94a8934b80eeb2f677932"
},
{
"title": "HPSBUX03388",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143880121627664\u0026amp;w=2"
},
{
"title": "HPSBMU03546",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05045763"
},
{
"title": "HPSBMU03611",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"title": "HPSBMU03612",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"title": "HPSBHF03613",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05184351"
},
{
"title": "\u30a2\u30e9\u30a4\u30c9\u30c6\u30ec\u30b7\u30b9\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91445763/522154/index.html"
},
{
"title": "NV15-010",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-010.html"
},
{
"title": "OpenSSL vulnerabilities",
"trust": 0.8,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"title": "Tarballs",
"trust": 0.8,
"url": "https://www.openssl.org/source/"
},
{
"title": "[11 Jun 2015] DHE man-in-the-middle protection (Logjam)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"title": "October 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2015_critical_patch_update"
},
{
"title": "January 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2016_critical_patch_update"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "JSA10694",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/112/1129/1129443_cisco-sa-20150612-openssl-j.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/07/06/hpe_rushes_out_patch_for_more_than_a_year_of_openssl_vulns/"
},
{
"title": "Red Hat: CVE-2015-1788",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-1788"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2639-1"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720150611\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2015-07"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150612-openssl"
},
{
"title": "Symantec Security Advisories: SA98 : OpenSSL Security Advisory 11-June-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=a7350b0751124b5a44ba8dbd2df71f9f"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/aravindb26/new.txt "
},
{
"title": "afl-cve",
"trust": 0.1,
"url": "https://github.com/mrash/afl-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1788"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003080"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003080"
},
{
"db": "NVD",
"id": "CVE-2015-1788"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"trust": 1.4,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150612-openssl"
},
{
"trust": 1.4,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/75158"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"trust": 1.1,
"url": "https://github.com/openssl/openssl/commit/4924b37ee01f71ae19c94a8934b80eeb2f677932"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05131044"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05184351"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.1,
"url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"trust": 1.1,
"url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"trust": 1.1,
"url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"trust": 1.1,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2015-008.txt.asc"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10122"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2639-1"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032564"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1788"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91445763/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1788"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963362"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022444"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962775"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965845"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/13"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05184351"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/135"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022527"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005376"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962520"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963954"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966723"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022655"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022797"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098801"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/fg-ir-15-014/"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962047"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962550"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962519"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964241"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962039"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962833"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020862"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022647"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961800"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960633"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963096"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961111"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960713"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964033"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964441"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903425"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960157"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961179"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962623"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959518"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961569"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005373"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005434"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960045"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961565"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961837"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962714"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962890"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963498"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964686"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964766"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966481"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966484"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966847"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966873"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967146"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968871"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969177"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969271"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970020"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970103"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970667"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971238"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972125"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974116"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000137"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978471"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964030"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966381"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022618"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005364"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965643"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1788"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2639-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43094"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1792"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1791"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1788"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1793"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?doci"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1789\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-8.4.patch.asc"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20150611.txt\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4000\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1790\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-10.1.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:10.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1791\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-10.1.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-8.4.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1788\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1792\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1791"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1789"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1792"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1790"
},
{
"trust": 0.1,
"url": "https://www.hp.com/swpublishing/mtx-b59b11be53744759a650eadeb4"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/sim"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://rt.openssl.org/ticket/display.html?id=3286"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1788"
},
{
"db": "BID",
"id": "75158"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003080"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "NVD",
"id": "CVE-2015-1788"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2015-1788"
},
{
"db": "BID",
"id": "75158"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003080"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "NVD",
"id": "CVE-2015-1788"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-12T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1788"
},
{
"date": "2015-06-11T00:00:00",
"db": "BID",
"id": "75158"
},
{
"date": "2015-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003080"
},
{
"date": "2015-06-22T14:14:00",
"db": "PACKETSTORM",
"id": "132398"
},
{
"date": "2015-06-15T15:43:16",
"db": "PACKETSTORM",
"id": "132291"
},
{
"date": "2016-07-05T18:18:00",
"db": "PACKETSTORM",
"id": "137772"
},
{
"date": "2015-06-12T13:25:28",
"db": "PACKETSTORM",
"id": "132288"
},
{
"date": "2015-06-12T13:17:58",
"db": "PACKETSTORM",
"id": "132285"
},
{
"date": "2016-05-13T16:14:13",
"db": "PACKETSTORM",
"id": "136989"
},
{
"date": "2015-06-11T12:12:12",
"db": "PACKETSTORM",
"id": "169629"
},
{
"date": "2015-06-12T19:59:01.600000",
"db": "NVD",
"id": "CVE-2015-1788"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1788"
},
{
"date": "2018-10-08T08:00:00",
"db": "BID",
"id": "75158"
},
{
"date": "2017-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003080"
},
{
"date": "2022-12-13T12:15:14.860000",
"db": "NVD",
"id": "CVE-2015-1788"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "75158"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of crypto/bn/bn_gf2m.c of BN_GF2m_mod_inv Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003080"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "75158"
}
],
"trust": 0.3
}
}
VAR-201403-0514
Vulnerability from variot - Updated: 2024-07-23 20:28The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. OpenSSL is prone to an information-disclosure weakness. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-14:06.openssl Security Advisory The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib Module: openssl Announced: 2014-04-08 Affects: All supported versions of FreeBSD. Corrected: 2014-04-08 18:27:39 UTC (stable/10, 10.0-STABLE) 2014-04-08 18:27:46 UTC (releng/10.0, 10.0-RELEASE-p1) 2014-04-08 23:16:19 UTC (stable/9, 9.2-STABLE) 2014-04-08 23:16:05 UTC (releng/9.2, 9.2-RELEASE-p4) 2014-04-08 23:16:05 UTC (releng/9.1, 9.1-RELEASE-p11) 2014-04-08 23:16:19 UTC (stable/8, 8.4-STABLE) 2014-04-08 23:16:05 UTC (releng/8.4, 8.4-RELEASE-p8) 2014-04-08 23:16:05 UTC (releng/8.3, 8.3-RELEASE-p15) CVE Name: CVE-2014-0076, CVE-2014-0160
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision History
v1.0 2014-04-08 Initial release. v1.1 2014-04-08 Added patch applying step in Solutions section.
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
The Heartbeat Extension provides a new protocol for TLS/DTLS allowing the usage of keep-alive functionality without performing a renegotiation and a basis for path MTU (PMTU) discovery for DTLS.
Elliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the Digital Signature Algorithm (DSA) which uses Elliptic Curve Cryptography. OpenSSL uses the Montgomery Ladder Approach to compute scalar multiplication in a fixed amount of time, which does not leak any information through timing or power.
II. Problem Description
The code used to handle the Heartbeat Extension does not do sufficient boundary checks on record length, which allows reading beyond the actual payload. [CVE-2014-0160]. Affects FreeBSD 10.0 only.
A flaw in the implementation of Montgomery Ladder Approach would create a side-channel that leaks sensitive timing information. [CVE-2014-0076]
III. Impact
An attacker who can send a specifically crafted packet to TLS server or client with an established connection can reveal up to 64k of memory of the remote system. Such memory might contain sensitive information, including key material, protected content, etc. which could be directly useful, or might be leveraged to obtain elevated privileges. [CVE-2014-0160]
A local attacker might be able to snoop a signing process and might recover the signing key from it. [CVE-2014-0076]
IV. Workaround
No workaround is available, but systems that do not use OpenSSL to implement the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols implementation and do not use the ECDSA implementation from OpenSSL are not vulnerable.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 8.x and FreeBSD 9.x]
fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch
fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch.asc
gpg --verify openssl.patch.asc
[FreeBSD 10.0]
fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch
fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch.asc
gpg --verify openssl-10.patch.asc
b) Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
3) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
IMPORTANT: the update procedure above does not update OpenSSL from the Ports Collection or from a package, known as security/openssl, which has to be updated separately via ports or package.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r264285 releng/8.3/ r264284 releng/8.4/ r264284 stable/9/ r264285 releng/9.1/ r264284 releng/9.2/ r264284 stable/10/ r264266 releng/10.0/ r264267
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD)
iQIcBAEBCgAGBQJTRJySAAoJEO1n7NZdz2rnzPcQALd6So7vDRBaYiaGwQjc55oI QwTnNzkkgxVTGwi8lDV6h8bIW3Ga8AhMGoZCVOeKbDABBDghVYe6Na5e/wsHbPPu tXmDRhoi2aV0sVCTFfpoCNJ8l2lb+5vnmEC6Oi3PMQDbRC+Ptg15o0W/2hXw0eKO yu4BhS4dl6lX7IvlR1n4sr0rfa8vwxe5OpUUd6Bzw0SUBmV+BTzq1C70FuOZ/hnD ThaZS8Ox3fcWuPylhPbhxnWqg0oVNkBpiRYpIBadrpl9EiRRzbTfF+uFvauR9tBN 1mK8lLwd7DK6x8iCSnDd2ZlN1rNn8EPsGohT4vP+szz2E2YP1x8ugihEBdYax+Dh Z4TWkm3/wJwEf00G32E1hZ8F+UavE8AmnGVk6gxiRpnv2sdNJYRlWd9O8u251qMq uzcmBX6Jr14dQCwlqof8pYKYV7VCE/Cu4JHThOCL042CLwUmXyJVMFzm6WPQlNjC dlPbSG+PXjninPjcYBoMR+863X35Guv0pJBNG/ofEh+Jy5MveaMRQX/mA+wy29zm qg74lM07adXkJujPAuA5dYjZivpW1NPOHeIjaYjaI6KDw2q3BlkGa2C3PeYDQxn4 Iqujqpem5nyQY4BO2XC8gVtuym0jDSA98bgFXumNDkmzlUUuOFOWD8YScLopOzOu EpUXgezogk1Rd3EVsaJ+ =UBO0 -----END PGP SIGNATURE----- . OpenSSL Security Advisory [05 Jun 2014] ========================================
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client and server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.
The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.
Only applications using OpenSSL as a DTLS client are affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This issue was reported to OpenSSL on 9th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server.
Only applications using OpenSSL as a DTLS client or server affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Jüri Aedla for reporting this issue. This issue was reported to OpenSSL on 23rd April 2014 via HP ZDI.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
A flaw in the do_ssl3_write function can allow remote attackers to cause a denial of service via a NULL pointer dereference. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public. The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
A race condition in the ssl3_read_bytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public.
Anonymous ECDH denial of service (CVE-2014-3470)
OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack.
OpenSSL 0.9.8 users should upgrade to 0.9.8za OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
Thanks to Felix Gröbert and Ivan Fratrić at Google for discovering this issue. This issue was reported to OpenSSL on 28th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Other issues
OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" Reported by Yuval Yarom and Naomi Benger. This issue was previously fixed in OpenSSL 1.0.1g.
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20140605.txt
Note: the online version of the advisory may be updated with additional details over time. The following Common Vulnerabilities and Exposures project ids identify them:
CVE-2010-5298
A read buffer can be freed even when it still contains data that is
used later on, leading to a use-after-free.
CVE-2014-0076
ECDSA nonces can be recovered through the Yarom/Benger FLUSH+RELOAD
cache side-channel attack.
A third issue, with no CVE id, is the missing detection of the "critical" flag for the TSA extended key usage under certain cases.
Additionally, this update checks for more services that might need to be restarted after upgrades of libssl, corrects the detection of apache2 and postgresql, and adds support for the 'libraries/restart-without-asking' debconf configuration. This allows services to be restarted on upgrade without prompting.
The oldstable distribution (squeeze) is not affected by CVE-2010-5298 and it might be updated at a later time to address the remaining vulnerabilities.
For the testing distribution (jessie), these problems will be fixed soon. The updates are available from the following location using ftp:
ftp://srt03046:Secure12@ftp.usa.hp.com
User name: srt03046 Password: Secure12 ( NOTE: Case sensitive)
HP-UX Release HP-UX OpenSSL version
B.11.11 (11i v1) A.00.09.08za.001_HP-UX_B.11.11_32+64.depot
B.11.23 (11i v2) A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08za or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment (CVE-2014-0195).
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566).
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572).
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (CVE-2015-0205).
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import (CVE-2015-0209).
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security.
HP Systems Insight Manager v7.3 Hotfix kit HP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager v7.2 Hotfix kit is currently unavailable, but will be released at a later date.
http://h18013.www1.hp.com/products/servers/management/hpsim/download.html
NOTE: No reboot of the system is required after applying the HP SIM Hotfix kit. HP System Management Homepage versions 7.3.2 and earlier for Linux and Windows. HP System Management Homepage v7.2.4.1 is available for Windows 2003 only.
HP System Management Homepage v7.2.4.1 for Windows x86: http://www.hp.com/swpublishing/MTX-d775367b0a28449ca05660778b ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98702
HP System Management Homepage v7.2.4.1 for Windows x64: http://www.hp.com/swpublishing/MTX-3a7aa5e233904ebe847a5e1555 ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98704
HP System Management Homepage v7.3.3.1 for Windows x86: http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98696
HP System Management Homepage v7.3.3.1 for Windows x64: http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98698
HP System Management Homepage v7.3.3.1 for Linux x86: http://www.hp.com/swpublishing/MTX-511c3e0b2f6f4f6bbc796fc619 ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1980463820/v98694
HP System Management Homepage v7.3.3.1 for Linux x64: http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1507410135/v98693
NOTE: HP System Management Homepage v7.3.3.1 for Linux x86 still contains OpenSSL v1.0.0d. As long as all other products which SMH V7.3.3.1 for Linux x86 communicates with have been upgraded to the latest versions, it will not be vulnerable to the exploits described in CVE-2014-0224.
Release Date: 2014-07-23 Last Updated: 2014-07-23
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Insight Control server migration running on Linux and Windows which could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101647
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server migration v7.2.2, v7.3, v7.3.1, and v7.3.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.2 of HP Insight Control server migration to resolve these vulnerabilities by upgrading to version 7.3.3. Please note that version 7.3.3 of HP Insight Control server migration is included on the HP Insight Management 7.3 Update 2 DVD.
HP has provided the installation binaries for download from the following web site by using the Receive for free option:
http://h18013.www1.hp.com/products/servers/management/fpdownload.html
Customers using HP Insight Control server migration v7.2.2 must first upgrade from v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then upgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD.
Customers running HP Insight Control server migration v7.3, v7.3.1, or v7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to complete the upgrade.
For more information on the upgrade process, please refer to the HP Insight Management Installation and Upgrade Guide and Release notes, which are available at the following location:
http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind ex.aspx?cat=insightmanagement
NOTE: The upgrade paths described above update the entire HP Insight Control software stack. To upgrade HP Insight Control server migration only, complete the following steps:
Copy "hpsmp.exe" to the local machine from the HP Insight Management v7.3.0 Update 2 DVD ISO. Create batch file with the following commands: @echo off hpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch Copy the batch file to the folder where "hpsmp.exe" normally resides on the target system. Double click on the batch file. The HP Insight Control server migration installation starts in a command prompt. The command prompt closes when the installation finishes. After the installation completes it creates a log file (ICmigr.log) and an output file (ICmigroutput.xml) on the target system. Do not close or click on the command prompt while the process is completing. Do not run the command prompt in the background.
HISTORY Version:1 (rev.1) - 23 July 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004
OS X Mavericks 10.9.5 and Security Update 2014-004 are now available and address the following:
apache_mod_php Available for: OS X Mavericks 10.9 to 10.9.4 Impact: Multiple vulnerabilities in PHP 5.4.24 Description: Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30 CVE-ID CVE-2013-7345 CVE-2014-0185 CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-1943 CVE-2014-2270 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3981 CVE-2014-4049
Bluetooth Available for: OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in the handling of a Bluetooth API call. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4390 : Ian Beer of Google Project Zero
CoreGraphics Available for: OS X Mavericks 10.9 to 10.9.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or an information disclosure Description: An out of bounds memory read existed in the handling of PDF files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4378 : Felipe Andres Manzano of Binamuse VRT working with the iSIGHT Partners GVP Program
CoreGraphics Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of PDF files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4377 : Felipe Andres Manzano of Binamuse VRT working with the iSIGHT Partners GVP Program
Foundation Available for: OS X Mavericks 10.9 to 10.9.4 Impact: An application using NSXMLParser may be misused to disclose information Description: An XML External Entity issue existed in NSXMLParser's handling of XML. This issue was addressed by not loading external entities across origins. CVE-ID CVE-2014-4374 : George Gal of VSR (http://www.vsecurity.com/)
Intel Graphics Driver Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Compiling untrusted GLSL shaders may lead to an unexpected application termination or arbitrary code execution Description: A user-space buffer overflow existed in the shader compiler. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4393 : Apple
Intel Graphics Driver Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking. CVE-ID CVE-2014-4394 : Ian Beer of Google Project Zero CVE-2014-4395 : Ian Beer of Google Project Zero CVE-2014-4396 : Ian Beer of Google Project Zero CVE-2014-4397 : Ian Beer of Google Project Zero CVE-2014-4398 : Ian Beer of Google Project Zero CVE-2014-4399 : Ian Beer of Google Project Zero CVE-2014-4400 : Ian Beer of Google Project Zero CVE-2014-4401 : Ian Beer of Google Project Zero CVE-2014-4416 : Ian Beer of Google Project Zero
IOAcceleratorFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in the handling of IOKit API arguments. This issue was addressed through improved validation of IOKit API arguments. CVE-ID CVE-2014-4376 : Ian Beer of Google Project Zero
IOAcceleratorFamily Available for: OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out-of-bounds read issue existed in the handling of an IOAcceleratorFamily function. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4402 : Ian Beer of Google Project Zero
IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A local user can read kernel pointers, which can be used to bypass kernel address space layout randomization Description: An out-of-bounds read issue existed in the handling of an IOHIDFamily function. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4379 : Ian Beer of Google Project Zero
IOKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata. CVE-ID CVE-2014-4388 : @PanguTeam
IOKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4389 : Ian Beer of Google Project Zero
Kernel Available for: OS X Mavericks 10.9 to 10.9.4 Impact: A local user can infer kernel addresses and bypass kernel address space layout randomization Description: In some cases, the CPU Global Descriptor Table was allocated at a predictable address. This issue was addressed through always allocating the Global Descriptor Table at random addresses. CVE-ID CVE-2014-4403 : Ian Beer of Google Project Zero
Libnotify Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with root privileges Description: An out-of-bounds write issue existed in Libnotify. This issue was addressed through improved bounds checking CVE-ID CVE-2014-4381 : Ian Beer of Google Project Zero
OpenSSL Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Multiple vulnerabilities in OpenSSL 0.9.8y, including one that may lead to arbitrary code execution Description: Multiple vulnerabilities existed in OpenSSL 0.9.8y. This update was addressed by updating OpenSSL to version 0.9.8za. CVE-ID CVE-2014-0076 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470
QT Media Foundation Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of RLE encoded movie files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1391 : Fernando Munoz working with iDefense VCP, Tom Gallagher & Paul Bates working with HP's Zero Day Initiative
QT Media Foundation Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Playing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of MIDI files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4350 : s3tm3m working with HP's Zero Day Initiative
QT Media Foundation Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of the 'mvhd' atoms. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4979 : Andrea Micalizzi aka rgod working with HP's Zero Day Initiative
ruby Available for: OS X Mavericks 10.9 to 10.9.4 Impact: A remote attacker may be able to cause arbitrary code execution Description: A heap buffer overflow existed in LibYAML's handling of percent-encoded characters in a URI. This issue was addressed through improved bounds checking. This update addresses the issues by updating LibYAML to version 0.1.6 CVE-ID CVE-2014-2525
Note: OS X Mavericks 10.9.5 includes the security content of Safari 7.0.6: http://support.apple.com/kb/HT6367
OS X Mavericks v10.9.5 and Security Update 2014-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUGkP0AAoJEBcWfLTuOo7tygQP/1vHYXtWy6492Tjj6ycymWa+ Ct0eCCBU/AUi5ODNDeV9ddWkuFeXKbgQSHoPU19IPcIBAKnYUupVJSJ/cEHfSthh CiROjJw8Bt8comn04BgggHieLveN1xQCXQDcO29kBIpQr394XKS0lNXP//Z0oG5V sCnEDPz/0R92mwT5XkKD9WC7G/WjybS5V7BjEbdzDOn4qdTVje05xI5pof+fkeQ1 hFHo7uTCDkSzLH2YxrQHifNVyItz8AgnNHwH7zc6XmNtiNFkiFP/KU6BYyr8WiTQ Jb3pyLB/Xvmbd0kuETnDNvV0oJc88G38a++xZPnuM7zQrW/TQkkKQpiqKtYAiJuw ZhUoky620/7HULegcYtsTyuDFyEN6whdSmHLFCJzk2oZXZ7MPA8ywCFB8Y79rohW 5MTe/zVUSxxYBgVXpkmhPwXYSTINeUJGJA1RQtXhC2Hh6O2jeqJP2H0hTmgsCBRA 3X/2CGoyAAgoKTJwgXk07tBbJWf+wQwAvUN9L1Yph+uOvvUzqFt8LNEGw9jVPsZl QHcSEW/Ef/HK/OLwVZiPqse6lRJAdRZl5//vm4408jnXfJCy6KnvxcsO4Z1yTyoP kCXdWlSLBiidcRRWBfoQBSC3gANcx9a56ItWieEvJrdNOiyhb+gqEk7XraOlb/gf k4w2RKNm0Fv+kdNoFAnd =gpVc -----END PGP SIGNATURE-----
. These vulnerabilities include:
-
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.
-
HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2010-5298
4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
CVE-2014-0076
4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVE-2014-0195
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-0198
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0221
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0224
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-3470
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-3566
3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0705
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE recommends applying the following software updates to resolve the vulnerabilities in the impacted versions of HPE StoreVirtual products running HPE LeftHand OS.
LeftHand OS v11.5 - Patches 45019-00 and 45020 LeftHand OS v12.0 - Patches 50016-00 and 50017-00 LeftHand OS v12.5 - Patch 55016-00 LeftHand OS v12.6 - Patch 56002-00
Notes:
These patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision to OpenSSL v1.0.1e 48. These patches migrate Certificate Authority Hashing Algorithm from a weak hashing algorithm SHA1 to the stronger hashing algorithm SHA256
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0514",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flex system chassis management module",
"scope": "eq",
"trust": 1.5,
"vendor": "ibm",
"version": "1.50.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8u"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8t"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8o"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8y"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8r"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8w"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "bladecenter -t 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter advanced management module 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -h 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -e 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter advanced management module 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -s 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -ht 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -ht 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -h 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -t 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -e 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -s 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter t advanced management module 3.66b",
"scope": null,
"trust": 0.6,
"vendor": "ibm",
"version": null
},
{
"model": "flex system chassis management module",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.50.0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571471.43"
},
{
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571431.43"
},
{
"model": "rational clearquest",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "junos r8-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "sa6500 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "sa700 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.3r4.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8886"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.20"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8852"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.17"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56001"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "flex system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.9"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "junos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "8.3-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "junos 12.1x47-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "worklight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "junos 12.2r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "sa2000 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.1"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.51"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.33"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "system x3500m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73801.42"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.3.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.1x44-d20.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.5"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73231.42"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.16"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "junos 12.1r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.6.0"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "junos 12.1r5-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8730"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73271.42"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.3"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.5"
},
{
"model": "junos 12.2x50-d70",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "junos 12.1x46-d20.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"model": "junos 13.2x50-d15.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "sa2500 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56002"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.00"
},
{
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1886"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "junos 13.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77000"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.4-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.24"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "security zsecure visual",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73281.42"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "junos r4-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.1x49-d55",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571451.43"
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "netcool/system service monitor fp1 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0-"
},
{
"model": "junos 12.2r1.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "9.2-release-p4",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.29"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos os 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "junos 12.3r2-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.07"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "system x3630m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73771.42"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.38"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73211.42"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.1x47-d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "os/400 v1r5m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.41"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7779"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.25"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.50"
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.0"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.3"
},
{
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8721"
},
{
"model": "junos 12.1r1.9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "8.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.35"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "junos 13.2r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78361.42"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.3r3.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos 13.2x50-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2.1"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "junos 12.1r5.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "junos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"model": "junos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "sa6000 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rational clearquest",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "junos 13.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2143"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.23"
},
{
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "560010.1"
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "flashsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8400"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "call management system r17.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "junos 13.2x51-d15.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "junos 12.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "88704.76.0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.212"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ctpos 6.6r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x52-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos -d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos space 13.1r1.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.2x50-d20.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73251.42"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.13"
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos 13.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "junos d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.021"
},
{
"model": "junos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 13.3r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storwize unified",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.32"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r8.7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.5"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.10"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.0.3"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.029"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "junos 12.3r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "system integrated management module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2"
},
{
"model": "junos 13.1x49-d49",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8720"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "junos 13.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.27"
},
{
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.30"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "tivoli monitoring fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.229"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "junos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42511.42"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.31"
},
{
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8750"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "85704.76.0"
},
{
"model": "junos 13.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56009.7"
},
{
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.2"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.3"
},
{
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "junos 12.1x48-d62",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.2"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.0"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.40"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.22"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.5"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.12"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.16"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.22"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "junos os 13.2r5-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1.2"
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "junos 13.2x52-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "idp series 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7893"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "junos 12.1x44-d55",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x45-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.10"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.03"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "junos 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.41"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "system dx360m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "63911.42"
},
{
"model": "junos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "junos 12.3r6.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "junos 13.1x50-d15.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.1x50-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "76000"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "os/400 v1r4m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "systems director editions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2"
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli monitoring fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.235"
},
{
"model": "junos 13.2x51-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli monitoring fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.302"
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "junos 13.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"model": "junos 13.2x51-d25.2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "system x3550m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79441.42"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos os 13.1r4-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.19"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.13"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7.0"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "junos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "junos pulse for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.2.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"model": "junos 12.3r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "junos 12.1x48-d41",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "junos 12.1x46-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7967"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.1.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.23"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ctpos 6.6r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2x50-d40.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.07"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8724"
},
{
"model": "junos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"model": "rational clearcase",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1881"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.5.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.18"
},
{
"model": "8.3-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 12.1r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.1"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.177"
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.41"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571431.43"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "8.3-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.11"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tivoli remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.34"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"model": "junos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.2.0"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73781.42"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x44-d45",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.26"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1.1"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "junos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42521.42"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.37"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.0"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "rational clearcase",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "sa4000 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.2"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "10.0-release-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.19"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"model": "system x3620m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73761.42"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78371.42"
},
{
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7989"
},
{
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.6"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8740"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2x51-d27.2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "flex system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.9"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x44-d24",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "junos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "9.2-releng",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "junos 12.2x50-d50.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.33"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.18"
},
{
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8677"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73791.42"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0"
},
{
"model": "9.1-release-p11",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "junos 12.3x48-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "8.3-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "rational clearquest",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.010"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "66363"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.0l",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "128001"
}
],
"trust": 0.9
},
"cve": "CVE-2014-0076",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2014-0076",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0076",
"trust": 1.0,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2014-0076",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. OpenSSL is prone to an information-disclosure weakness. \nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-14:06.openssl Security Advisory\n The FreeBSD Project\n\nTopic: OpenSSL multiple vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2014-04-08\nAffects: All supported versions of FreeBSD. \nCorrected: 2014-04-08 18:27:39 UTC (stable/10, 10.0-STABLE)\n 2014-04-08 18:27:46 UTC (releng/10.0, 10.0-RELEASE-p1)\n 2014-04-08 23:16:19 UTC (stable/9, 9.2-STABLE)\n 2014-04-08 23:16:05 UTC (releng/9.2, 9.2-RELEASE-p4)\n 2014-04-08 23:16:05 UTC (releng/9.1, 9.1-RELEASE-p11)\n 2014-04-08 23:16:19 UTC (stable/8, 8.4-STABLE)\n 2014-04-08 23:16:05 UTC (releng/8.4, 8.4-RELEASE-p8)\n 2014-04-08 23:16:05 UTC (releng/8.3, 8.3-RELEASE-p15)\nCVE Name: CVE-2014-0076, CVE-2014-0160\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\n0. Revision History\n\nv1.0 2014-04-08 Initial release. \nv1.1 2014-04-08 Added patch applying step in Solutions section. \n\nI. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nThe Heartbeat Extension provides a new protocol for TLS/DTLS allowing the\nusage of keep-alive functionality without performing a renegotiation and a\nbasis for path MTU (PMTU) discovery for DTLS. \n\nElliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the\nDigital Signature Algorithm (DSA) which uses Elliptic Curve Cryptography. \nOpenSSL uses the Montgomery Ladder Approach to compute scalar multiplication\nin a fixed amount of time, which does not leak any information through timing\nor power. \n\nII. Problem Description\n\nThe code used to handle the Heartbeat Extension does not do sufficient boundary\nchecks on record length, which allows reading beyond the actual payload. \n[CVE-2014-0160]. Affects FreeBSD 10.0 only. \n\nA flaw in the implementation of Montgomery Ladder Approach would create a\nside-channel that leaks sensitive timing information. [CVE-2014-0076]\n\nIII. Impact\n\nAn attacker who can send a specifically crafted packet to TLS server or client\nwith an established connection can reveal up to 64k of memory of the remote\nsystem. Such memory might contain sensitive information, including key\nmaterial, protected content, etc. which could be directly useful, or might\nbe leveraged to obtain elevated privileges. [CVE-2014-0160]\n\nA local attacker might be able to snoop a signing process and might recover\nthe signing key from it. [CVE-2014-0076]\n\nIV. Workaround\n\nNo workaround is available, but systems that do not use OpenSSL to implement\nthe Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)\nprotocols implementation and do not use the ECDSA implementation from OpenSSL\nare not vulnerable. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 8.x and FreeBSD 9.x]\n# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch.asc\n# gpg --verify openssl.patch.asc\n\n[FreeBSD 10.0]\n# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch.asc\n# gpg --verify openssl-10.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nRecompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:http://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\n3) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nIMPORTANT: the update procedure above does not update OpenSSL from the\nPorts Collection or from a package, known as security/openssl, which\nhas to be updated separately via ports or package. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r264285\nreleng/8.3/ r264284\nreleng/8.4/ r264284\nstable/9/ r264285\nreleng/9.1/ r264284\nreleng/9.2/ r264284\nstable/10/ r264266\nreleng/10.0/ r264267\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:http://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\u003e\n\u003cURL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\u003e\n\n\u003cURL:http://www.openssl.org/news/secadv_20140407.txt\u003e\n\u003cURL:http://eprint.iacr.org/2014/140.pdf\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:http://security.FreeBSD.org/advisories/FreeBSD-SA-14:06.openssl.asc\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.22 (FreeBSD)\n\niQIcBAEBCgAGBQJTRJySAAoJEO1n7NZdz2rnzPcQALd6So7vDRBaYiaGwQjc55oI\nQwTnNzkkgxVTGwi8lDV6h8bIW3Ga8AhMGoZCVOeKbDABBDghVYe6Na5e/wsHbPPu\ntXmDRhoi2aV0sVCTFfpoCNJ8l2lb+5vnmEC6Oi3PMQDbRC+Ptg15o0W/2hXw0eKO\nyu4BhS4dl6lX7IvlR1n4sr0rfa8vwxe5OpUUd6Bzw0SUBmV+BTzq1C70FuOZ/hnD\nThaZS8Ox3fcWuPylhPbhxnWqg0oVNkBpiRYpIBadrpl9EiRRzbTfF+uFvauR9tBN\n1mK8lLwd7DK6x8iCSnDd2ZlN1rNn8EPsGohT4vP+szz2E2YP1x8ugihEBdYax+Dh\nZ4TWkm3/wJwEf00G32E1hZ8F+UavE8AmnGVk6gxiRpnv2sdNJYRlWd9O8u251qMq\nuzcmBX6Jr14dQCwlqof8pYKYV7VCE/Cu4JHThOCL042CLwUmXyJVMFzm6WPQlNjC\ndlPbSG+PXjninPjcYBoMR+863X35Guv0pJBNG/ofEh+Jy5MveaMRQX/mA+wy29zm\nqg74lM07adXkJujPAuA5dYjZivpW1NPOHeIjaYjaI6KDw2q3BlkGa2C3PeYDQxn4\nIqujqpem5nyQY4BO2XC8gVtuym0jDSA98bgFXumNDkmzlUUuOFOWD8YScLopOzOu\nEpUXgezogk1Rd3EVsaJ+\n=UBO0\n-----END PGP SIGNATURE-----\n. OpenSSL Security Advisory [05 Jun 2014]\n========================================\n\nSSL/TLS MITM vulnerability (CVE-2014-0224)\n===========================================\n\nAn attacker using a carefully crafted handshake can force the use of weak\nkeying material in OpenSSL SSL/TLS clients and servers. This can be exploited\nby a Man-in-the-middle (MITM) attack where the attacker can decrypt and \nmodify traffic from the attacked client and server. \n\nThe attack can only be performed between a vulnerable client *and*\nserver. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers\nare only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users\nof OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. \n\nOpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. \nOpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. \nOpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h. \n\nThanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 1st May\n2014 via JPCERT/CC. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team partly based\non an original patch from KIKUCHI Masashi. \n\nDTLS recursion flaw (CVE-2014-0221)\n====================================\n\nBy sending an invalid DTLS handshake to an OpenSSL DTLS client the code\ncan be made to recurse eventually crashing in a DoS attack. \n\nOnly applications using OpenSSL as a DTLS client are affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This\nissue was reported to OpenSSL on 9th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nDTLS invalid fragment vulnerability (CVE-2014-0195)\n====================================================\n\nA buffer overrun attack can be triggered by sending invalid DTLS fragments\nto an OpenSSL DTLS client or server. This is potentially exploitable to\nrun arbitrary code on a vulnerable client or server. \n\nOnly applications using OpenSSL as a DTLS client or server affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to J\u00fcri Aedla for reporting this issue. This issue was\nreported to OpenSSL on 23rd April 2014 via HP ZDI. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nSSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)\n=================================================================\n\nA flaw in the do_ssl3_write function can allow remote attackers to\ncause a denial of service via a NULL pointer dereference. This flaw\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is\nenabled, which is not the default and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. The fix was developed by\nMatt Caswell of the OpenSSL development team. \n\nSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n===============================================================================\n \nA race condition in the ssl3_read_bytes function can allow remote\nattackers to inject data across sessions or cause a denial of service. \nThis flaw only affects multithreaded applications using OpenSSL 1.0.0\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the\ndefault and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. \n\nAnonymous ECDH denial of service (CVE-2014-3470)\n================================================\n\nOpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a\ndenial of service attack. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8za\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this\nissue. This issue was reported to OpenSSL on 28th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOther issues\n============\n\nOpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for\nCVE-2014-0076: Fix for the attack described in the paper \"Recovering\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\nReported by Yuval Yarom and Naomi Benger. This issue was previously\nfixed in OpenSSL 1.0.1g. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20140605.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. The following\nCommon Vulnerabilities and Exposures project ids identify them:\n\nCVE-2010-5298\n\n A read buffer can be freed even when it still contains data that is\nused later on, leading to a use-after-free. \n\nCVE-2014-0076\n\n ECDSA nonces can be recovered through the Yarom/Benger FLUSH+RELOAD\ncache side-channel attack. \n\nA third issue, with no CVE id, is the missing detection of the\n\"critical\" flag for the TSA extended key usage under certain cases. \n\n\nAdditionally, this update checks for more services that might need to\nbe restarted after upgrades of libssl, corrects the detection of\napache2 and postgresql, and adds support for the\n\u0027libraries/restart-without-asking\u0027 debconf configuration. This allows\nservices to be restarted on upgrade without prompting. \n\n\nThe oldstable distribution (squeeze) is not affected by CVE-2010-5298\nand it might be updated at a later time to address the remaining\nvulnerabilities. \n\nFor the testing distribution (jessie), these problems will be fixed\nsoon. The\nupdates are available from the following location using ftp:\n\nftp://srt03046:Secure12@ftp.usa.hp.com\n\nUser name: srt03046\nPassword: Secure12 ( NOTE: Case sensitive)\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n A.00.09.08za.001_HP-UX_B.11.11_32+64.depot\n\nB.11.23 (11i v2)\n A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08za or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n The dtls1_reassemble_fragment function in d1_both.c in OpenSSL\n before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does\n not properly validate fragment lengths in DTLS ClientHello messages,\n which allows remote attackers to execute arbitrary code or cause a\n denial of service (buffer overflow and application crash) via a long\n non-initial fragment (CVE-2014-0195). \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). \n \n The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square\n of a BIGNUM value, which might make it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors,\n related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and\n crypto/bn/bn_asm.c (CVE-2014-3570). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote\n SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger\n a loss of forward secrecy by omitting the ServerKeyExchange message\n (CVE-2014-3572). \n \n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n does not enforce certain constraints on certificate data, which allows\n remote attackers to defeat a fingerprint-based certificate-blacklist\n protection mechanism by including crafted data within a\n certificate\u0026#039;s unsigned portion, related to crypto/asn1/a_verify.c,\n crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c\n (CVE-2014-8275). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before\n 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a\n Diffie-Hellman (DH) certificate without requiring a CertificateVerify\n message, which allows remote attackers to obtain access without\n knowledge of a private key via crafted TLS Handshake Protocol traffic\n to a server that recognizes a Certification Authority with DH support\n (CVE-2015-0205). \n \n Use-after-free vulnerability in the d2i_ECPrivateKey function in\n crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r,\n 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote\n attackers to cause a denial of service (memory corruption and\n application crash) or possibly have unspecified other impact via a\n malformed Elliptic Curve (EC) private-key file that is improperly\n handled during import (CVE-2015-0209). \n \n The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before\n 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not\n properly handle a lack of outer ContentInfo, which allows attackers to\n cause a denial of service (NULL pointer dereference and application\n crash) by leveraging an application that processes arbitrary PKCS#7\n data and providing malformed data with ASN.1 encoding, related to\n crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \n\nHP Systems Insight Manager v7.3 Hotfix kit\nHP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager\nv7.2 Hotfix kit is currently unavailable, but will be released at a later\ndate. \n\nhttp://h18013.www1.hp.com/products/servers/management/hpsim/download.html\n\nNOTE: No reboot of the system is required after applying the HP SIM Hotfix\nkit. \nHP System Management Homepage versions 7.3.2 and earlier for Linux and\nWindows. HP System Management Homepage v7.2.4.1 is available for\nWindows 2003 only. \n\nHP System Management Homepage v7.2.4.1 for Windows x86:\nhttp://www.hp.com/swpublishing/MTX-d775367b0a28449ca05660778b\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98702\n\nHP System Management Homepage v7.2.4.1 for Windows x64:\nhttp://www.hp.com/swpublishing/MTX-3a7aa5e233904ebe847a5e1555\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98704\n\nHP System Management Homepage v7.3.3.1 for Windows x86:\nhttp://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98696\n\nHP System Management Homepage v7.3.3.1 for Windows x64:\nhttp://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98698\n\nHP System Management Homepage v7.3.3.1 for Linux x86:\nhttp://www.hp.com/swpublishing/MTX-511c3e0b2f6f4f6bbc796fc619\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1980463820/v98694\n\nHP System Management Homepage v7.3.3.1 for Linux x64:\nhttp://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1507410135/v98693\n\nNOTE: HP System Management Homepage v7.3.3.1 for Linux x86 still contains\nOpenSSL v1.0.0d. As long as all other products which SMH V7.3.3.1 for Linux\nx86 communicates with have been upgraded to the latest versions, it will not\nbe vulnerable to the exploits described in CVE-2014-0224. \n\nRelease Date: 2014-07-23\nLast Updated: 2014-07-23\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Insight\nControl server migration running on Linux and Windows which could be\nexploited remotely resulting in denial of service (DoS), code execution,\nunauthorized access, or disclosure of information. \n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101647\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server migration v7.2.2, v7.3, v7.3.1, and v7.3.2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.2 of HP Insight Control server\nmigration to resolve these vulnerabilities by upgrading to version 7.3.3. \nPlease note that version 7.3.3 of HP Insight Control server migration is\nincluded on the HP Insight Management 7.3 Update 2 DVD. \n\nHP has provided the installation binaries for download from the following web\nsite by using the Receive for free option:\n\nhttp://h18013.www1.hp.com/products/servers/management/fpdownload.html\n\nCustomers using HP Insight Control server migration v7.2.2 must first upgrade\nfrom v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then\nupgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD. \n\nCustomers running HP Insight Control server migration v7.3, v7.3.1, or\nv7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to\ncomplete the upgrade. \n\nFor more information on the upgrade process, please refer to the HP Insight\nManagement Installation and Upgrade Guide and Release notes, which are\navailable at the following location:\n\nhttp://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind\nex.aspx?cat=insightmanagement\n\nNOTE: The upgrade paths described above update the entire HP Insight Control\nsoftware stack. To upgrade HP Insight Control server migration only, complete\nthe following steps:\n\nCopy \"hpsmp.exe\" to the local machine from the HP Insight Management v7.3.0\nUpdate 2 DVD ISO. Create batch file with the following commands:\n@echo off\nhpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch\nCopy the batch file to the folder where \"hpsmp.exe\" normally resides on the\ntarget system. \nDouble click on the batch file. \nThe HP Insight Control server migration installation starts in a command\nprompt. \nThe command prompt closes when the installation finishes. \nAfter the installation completes it creates a log file (ICmigr.log) and an\noutput file (ICmigroutput.xml) on the target system. \nDo not close or click on the command prompt while the process is completing. \nDo not run the command prompt in the background. \n\nHISTORY\nVersion:1 (rev.1) - 23 July 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update\n2014-004\n\nOS X Mavericks 10.9.5 and Security Update 2014-004 are now available\nand address the following:\n\napache_mod_php\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: Multiple vulnerabilities in PHP 5.4.24\nDescription: Multiple vulnerabilities existed in PHP 5.4.24, the\nmost serious of which may have led to arbitrary code execution. This\nupdate addresses the issues by updating PHP to version 5.4.30\nCVE-ID\nCVE-2013-7345\nCVE-2014-0185\nCVE-2014-0207\nCVE-2014-0237\nCVE-2014-0238\nCVE-2014-1943\nCVE-2014-2270\nCVE-2014-3478\nCVE-2014-3479\nCVE-2014-3480\nCVE-2014-3487\nCVE-2014-3515\nCVE-2014-3981\nCVE-2014-4049\n\nBluetooth\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A validation issue existed in the handling of a\nBluetooth API call. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-4390 : Ian Beer of Google Project Zero\n\nCoreGraphics\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or an information disclosure\nDescription: An out of bounds memory read existed in the handling of\nPDF files. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4378 : Felipe Andres Manzano of Binamuse VRT working with\nthe iSIGHT Partners GVP Program\n\nCoreGraphics\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An integer overflow existed in the handling of PDF\nfiles. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4377 : Felipe Andres Manzano of Binamuse VRT working with\nthe iSIGHT Partners GVP Program\n\nFoundation\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: An application using NSXMLParser may be misused to disclose\ninformation\nDescription: An XML External Entity issue existed in NSXMLParser\u0027s\nhandling of XML. This issue was addressed by not loading external\nentities across origins. \nCVE-ID\nCVE-2014-4374 : George Gal of VSR (http://www.vsecurity.com/)\n\nIntel Graphics Driver\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: Compiling untrusted GLSL shaders may lead to an unexpected\napplication termination or arbitrary code execution\nDescription: A user-space buffer overflow existed in the shader\ncompiler. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4393 : Apple\n\nIntel Graphics Driver\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: Multiple validation issues existed in some integrated\ngraphics driver routines. These issues were addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2014-4394 : Ian Beer of Google Project Zero\nCVE-2014-4395 : Ian Beer of Google Project Zero\nCVE-2014-4396 : Ian Beer of Google Project Zero\nCVE-2014-4397 : Ian Beer of Google Project Zero\nCVE-2014-4398 : Ian Beer of Google Project Zero\nCVE-2014-4399 : Ian Beer of Google Project Zero\nCVE-2014-4400 : Ian Beer of Google Project Zero\nCVE-2014-4401 : Ian Beer of Google Project Zero\nCVE-2014-4416 : Ian Beer of Google Project Zero\n\nIOAcceleratorFamily\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A null pointer dereference existed in the handling of\nIOKit API arguments. This issue was addressed through improved\nvalidation of IOKit API arguments. \nCVE-ID\nCVE-2014-4376 : Ian Beer of Google Project Zero\n\nIOAcceleratorFamily\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: An out-of-bounds read issue existed in the handling of\nan IOAcceleratorFamily function. This issue was addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2014-4402 : Ian Beer of Google Project Zero\n\nIOHIDFamily\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A local user can read kernel pointers, which can be used to\nbypass kernel address space layout randomization\nDescription: An out-of-bounds read issue existed in the handling of\nan IOHIDFamily function. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2014-4379 : Ian Beer of Google Project Zero\n\nIOKit\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A validation issue existed in the handling of certain\nmetadata fields of IODataQueue objects. This issue was addressed\nthrough improved validation of metadata. \nCVE-ID\nCVE-2014-4388 : @PanguTeam\n\nIOKit\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: An integer overflow existed in the handling of IOKit\nfunctions. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4389 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: A local user can infer kernel addresses and bypass kernel\naddress space layout randomization\nDescription: In some cases, the CPU Global Descriptor Table was\nallocated at a predictable address. This issue was addressed through\nalways allocating the Global Descriptor Table at random addresses. \nCVE-ID\nCVE-2014-4403 : Ian Beer of Google Project Zero\n\nLibnotify\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with root privileges\nDescription: An out-of-bounds write issue existed in Libnotify. This\nissue was addressed through improved bounds checking\nCVE-ID\nCVE-2014-4381 : Ian Beer of Google Project Zero\n\nOpenSSL\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Multiple vulnerabilities in OpenSSL 0.9.8y, including one\nthat may lead to arbitrary code execution\nDescription: Multiple vulnerabilities existed in OpenSSL 0.9.8y. \nThis update was addressed by updating OpenSSL to version 0.9.8za. \nCVE-ID\nCVE-2014-0076\nCVE-2014-0195\nCVE-2014-0221\nCVE-2014-0224\nCVE-2014-3470\n\nQT Media Foundation\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\nRLE encoded movie files. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2014-1391 : Fernando Munoz working with iDefense VCP, Tom\nGallagher \u0026 Paul Bates working with HP\u0027s Zero Day Initiative\n\nQT Media Foundation\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Playing a maliciously crafted MIDI file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of MIDI\nfiles. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4350 : s3tm3m working with HP\u0027s Zero Day Initiative\n\nQT Media Foundation\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\nthe \u0027mvhd\u0027 atoms. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-4979 : Andrea Micalizzi aka rgod working with HP\u0027s Zero Day\nInitiative\n\nruby\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A heap buffer overflow existed in LibYAML\u0027s handling of\npercent-encoded characters in a URI. This issue was addressed through\nimproved bounds checking. This update addresses the issues by\nupdating LibYAML to version 0.1.6\nCVE-ID\nCVE-2014-2525\n\n\nNote: OS X Mavericks 10.9.5 includes the security content of\nSafari 7.0.6: http://support.apple.com/kb/HT6367\n\nOS X Mavericks v10.9.5 and Security Update 2014-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJUGkP0AAoJEBcWfLTuOo7tygQP/1vHYXtWy6492Tjj6ycymWa+\nCt0eCCBU/AUi5ODNDeV9ddWkuFeXKbgQSHoPU19IPcIBAKnYUupVJSJ/cEHfSthh\nCiROjJw8Bt8comn04BgggHieLveN1xQCXQDcO29kBIpQr394XKS0lNXP//Z0oG5V\nsCnEDPz/0R92mwT5XkKD9WC7G/WjybS5V7BjEbdzDOn4qdTVje05xI5pof+fkeQ1\nhFHo7uTCDkSzLH2YxrQHifNVyItz8AgnNHwH7zc6XmNtiNFkiFP/KU6BYyr8WiTQ\nJb3pyLB/Xvmbd0kuETnDNvV0oJc88G38a++xZPnuM7zQrW/TQkkKQpiqKtYAiJuw\nZhUoky620/7HULegcYtsTyuDFyEN6whdSmHLFCJzk2oZXZ7MPA8ywCFB8Y79rohW\n5MTe/zVUSxxYBgVXpkmhPwXYSTINeUJGJA1RQtXhC2Hh6O2jeqJP2H0hTmgsCBRA\n3X/2CGoyAAgoKTJwgXk07tBbJWf+wQwAvUN9L1Yph+uOvvUzqFt8LNEGw9jVPsZl\nQHcSEW/Ef/HK/OLwVZiPqse6lRJAdRZl5//vm4408jnXfJCy6KnvxcsO4Z1yTyoP\nkCXdWlSLBiidcRRWBfoQBSC3gANcx9a56ItWieEvJrdNOiyhb+gqEk7XraOlb/gf\nk4w2RKNm0Fv+kdNoFAnd\n=gpVc\n-----END PGP SIGNATURE-----\n\n. These vulnerabilities include: \n\n* The SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \n\n - HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2010-5298\n 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\n 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)\n\n CVE-2014-0076\n 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2014-0195\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-0198\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0221\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0224\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-3470\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-3566\n 3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0705\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends applying the following software updates to resolve the\nvulnerabilities in the impacted versions of HPE StoreVirtual products running\nHPE LeftHand OS. \n\nLeftHand OS v11.5 - Patches 45019-00 and 45020 \nLeftHand OS v12.0 - Patches 50016-00 and 50017-00 \nLeftHand OS v12.5 - Patch 55016-00 \nLeftHand OS v12.6 - Patch 56002-00 \n\n**Notes:**\n\nThese patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision\nto OpenSSL v1.0.1e 48. \nThese patches migrate Certificate Authority Hashing Algorithm from a weak\nhashing algorithm SHA1 to the stronger hashing algorithm SHA256",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0076"
},
{
"db": "BID",
"id": "66363"
},
{
"db": "PACKETSTORM",
"id": "126087"
},
{
"db": "PACKETSTORM",
"id": "126097"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "128315"
},
{
"db": "PACKETSTORM",
"id": "140720"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0076",
"trust": 2.9
},
{
"db": "BID",
"id": "66363",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59040",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59495",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59374",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59445",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59264",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58727",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "MCAFEE",
"id": "SB10071",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0076",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128315",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127362",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127266",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127608",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128001",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126087",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "BID",
"id": "66363"
},
{
"db": "PACKETSTORM",
"id": "128315"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126097"
},
{
"db": "PACKETSTORM",
"id": "126087"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"id": "VAR-201403-0514",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.408460395
},
"last_update_date": "2024-07-23T20:28:55.089000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Debian Security Advisories: DSA-2908-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=438bf64e25a46a5ac11098b5720d1bb6"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2165-1"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0076",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1fc1fc75c3cab4aa04eb437a09a1da4f"
},
{
"title": "Red Hat: CVE-2014-0076",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0076"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/uvhw/uvhw.bitcoin.js "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/second-nsa-crypto-tool-found-in-rsa-bsafe/105143/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 1.4,
"url": "http://eprint.iacr.org/2014/140"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.4,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
},
{
"trust": 1.2,
"url": "http://advisories.mageia.org/mgasa-2014-0165.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/66363"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 1.1,
"url": "https://bugzilla.novell.com/show_bug.cgi?id=869945"
},
{
"trust": 1.1,
"url": "https://bugs.gentoo.org/show_bug.cgi?id=505278"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:067"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58727"
},
{
"trust": 1.1,
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59495"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.1,
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59445"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59374"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59264"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59040"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58492"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2165-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html"
},
{
"trust": 1.1,
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=2198be3483259de374f91e57d247d0fc667aef29"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.8,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0076_cryptographic_issues"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095202"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095218"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas3bf6e25d1260a4de686257cc100631528"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas3824bd213d0f7c3d086257cc10063152c"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl5"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_aix_is_affected_by_a_vulnerability_in_openssl_cve_2014_0160?lang=en_us"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095187"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670738"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095124"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004581"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004611"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:06.openssl.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020681"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037189"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037307"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671096"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671128"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671127"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670640"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21670640"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671100"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671098"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670316"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037451"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10071"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/33a01-5228bdf5d027e/cert_security_mini-_bulletin_xrx15ao_for_cq8570-cq8870_v1-0.pdf"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15295.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020021"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037380"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037382"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037384"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670905"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037379"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037381"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037383"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037393"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21670165"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004582"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095143"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095144"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020038"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671197"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670301"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670302"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670576"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21669859"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004616"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095841"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095217"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673715"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670339"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095203"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688949"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678668"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676424"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695392"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21681249"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671133"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004608"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020694"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670560"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670858"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673696"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004615"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669664"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100179859"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100179858"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.2,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "https://github.com/uvhw/uvhw.bitcoin.js"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/second-nsa-crypto-tool-found-in-rsa-bsafe/105143/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33767"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2165-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4378"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3487"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4379"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0238"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1943"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4376"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-7345"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4377"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4350"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4381"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0237"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3480"
},
{
"trust": 0.1,
"url": "http://www.vsecurity.com/)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2270"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0207"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3515"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht6367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3479"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1391"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3478"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4049"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4374"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3981"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/fpdownload.html"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-2c54f23c6dbc4d598e86fdef95"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-4480df0f6d544779b0143f5c3b"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150319.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150108.txt"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8208c3987b1b4a5093f3e8fcc3"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:06/openssl.patch.asc"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:06/openssl-10.patch.asc"
},
{
"trust": 0.1,
"url": "http://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2014/140.pdf\u003e"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/advisories/freebsd-sa-14:06.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/news/secadv_20140407.txt\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160\u003e"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:06/openssl-10.patch"
},
{
"trust": 0.1,
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:06/openssl.patch"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "BID",
"id": "66363"
},
{
"db": "PACKETSTORM",
"id": "128315"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126097"
},
{
"db": "PACKETSTORM",
"id": "126087"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "BID",
"id": "66363"
},
{
"db": "PACKETSTORM",
"id": "128315"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126097"
},
{
"db": "PACKETSTORM",
"id": "126087"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-25T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"date": "2014-02-24T00:00:00",
"db": "BID",
"id": "66363"
},
{
"date": "2014-09-19T15:26:13",
"db": "PACKETSTORM",
"id": "128315"
},
{
"date": "2014-07-24T23:47:46",
"db": "PACKETSTORM",
"id": "127607"
},
{
"date": "2014-07-06T18:53:39",
"db": "PACKETSTORM",
"id": "127362"
},
{
"date": "2014-06-25T21:32:38",
"db": "PACKETSTORM",
"id": "127213"
},
{
"date": "2014-06-27T18:43:56",
"db": "PACKETSTORM",
"id": "127266"
},
{
"date": "2014-07-24T23:48:05",
"db": "PACKETSTORM",
"id": "127608"
},
{
"date": "2015-03-27T20:42:44",
"db": "PACKETSTORM",
"id": "131044"
},
{
"date": "2017-01-25T21:54:44",
"db": "PACKETSTORM",
"id": "140720"
},
{
"date": "2014-06-13T13:31:32",
"db": "PACKETSTORM",
"id": "127086"
},
{
"date": "2014-04-21T19:46:40",
"db": "PACKETSTORM",
"id": "126228"
},
{
"date": "2014-06-05T21:13:52",
"db": "PACKETSTORM",
"id": "126961"
},
{
"date": "2014-06-27T18:43:23",
"db": "PACKETSTORM",
"id": "127265"
},
{
"date": "2014-08-26T11:11:00",
"db": "PACKETSTORM",
"id": "128001"
},
{
"date": "2014-04-09T23:30:40",
"db": "PACKETSTORM",
"id": "126097"
},
{
"date": "2014-04-09T22:49:02",
"db": "PACKETSTORM",
"id": "126087"
},
{
"date": "2014-03-25T13:25:21.977000",
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"date": "2017-05-23T16:25:00",
"db": "BID",
"id": "66363"
},
{
"date": "2023-02-13T00:31:07.977000",
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "66363"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL CVE-2014-0076 Information Disclosure Weakness",
"sources": [
{
"db": "BID",
"id": "66363"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "66363"
}
],
"trust": 0.3
}
}
VAR-201506-0210
Vulnerability from variot - Updated: 2024-07-23 20:20The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. The following are vulnerable: OpenSSL 1.0.2 prior to 1.0.2b OpenSSL 1.0.1 prior to 1.0.1n OpenSSL 1.0.0 prior to 1.0.0s OpenSSL 0.9.8 prior to 0.9.8zg. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04739301
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04739301 Version: 1
HPSBGN03371 rev.1 - HP IceWall Products running OpenSSL, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-07-10 Last Updated: 2015-07-10
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP IceWall Products running OpenSSL. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Product Impacted Versions Impacted CVEs
HP IceWall MCRP v3.0 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792
HP IceWall SSO Dfw v10.0 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792
HP IceWall SSO Agent Option v10.0 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792
HP IceWall SSO Certd v10.0 CVE-2015-1792
HP IceWall Federation Agent v3.0 CVE-2015-1792
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends applying the latest OS vendor security patches for OpenSSL to resolve the vulnerabilities for HP IceWall Products.
HP IceWall SSO Dfw v10.0 and Certd v10.0, which are running on RHEL, could be using either the OS bundled OpenSSL library or the OpenSSL bundled with HP IceWall. If still using the OpenSSL bundled with HP IceWall, please apply the latest OS vendor security patches for OpenSSL and switch to the OpenSSL library bundled with the OS.
Documents are available at the following location with instructions to switch to the OS bundled OpenSSL library:
http://www.hp.com/jp/icewall_patchaccess
Note: The HP IceWall product is only available in Japan.
HISTORY Version:1 (rev.1) - 10 July 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201506-02
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: June 22, 2015 Bugs: #551832 ID: 201506-02
Synopsis
Multiple vulnerabilities have been found in OpenSSL that can result in either Denial of Service or information disclosure.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.1o >= 0.9.8z_p7 >= 1.0.1o
Description
Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers referenced below for details.
Resolution
All OpenSSL 1.0.1 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1o"
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8z_p7"
References
[ 1 ] CVE-2014-8176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8176 [ 2 ] CVE-2015-1788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1788 [ 3 ] CVE-2015-1789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1789 [ 4 ] CVE-2015-1790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1790 [ 5 ] CVE-2015-1791 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1791 [ 6 ] CVE-2015-1792 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1792 [ 7 ] CVE-2015-4000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4000
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201506-02
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ============================================================================ Ubuntu Security Notice USN-2639-1 June 11, 2015
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenSSL.
Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools
Details:
Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. (CVE-2014-8176)
Joseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed ECParameters structures. (CVE-2015-1788)
Robert Swiecki and Hanno B=C3=B6ck discovered that OpenSSL incorrectly handled certain ASN1_TIME strings. (CVE-2015-1791)
Johannes Bauer discovered that OpenSSL incorrectly handled verifying signedData messages using the CMS code. (CVE-2015-1792)
As a security improvement, this update also modifies OpenSSL behaviour to reject DH key sizes below 768 bits, preventing a possible downgrade attack.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: libssl1.0.0 1.0.1f-1ubuntu11.4
Ubuntu 14.10: libssl1.0.0 1.0.1f-1ubuntu9.8
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.15
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.31
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2639-1 CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792
Package Information: https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu11.4 https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu9.8 https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.15 https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.31 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-15:10.openssl Security Advisory The FreeBSD Project
Topic: Multiple OpenSSL vulnerabilities
Category: contrib Module: openssl Announced: 2015-06-12 Affects: All supported versions of FreeBSD. Corrected: 2015-06-11 19:07:45 UTC (stable/10, 10.1-STABLE) 2015-06-12 07:23:55 UTC (releng/10.1, 10.1-RELEASE-p12) 2015-06-11 19:39:27 UTC (stable/9, 9.3-STABLE) 2015-06-12 07:23:55 UTC (releng/9.3, 9.3-RELEASE-p16) 2015-06-11 19:39:27 UTC (stable/8, 8.4-STABLE) 2015-06-12 07:23:55 UTC (releng/8.4, 8.4-RELEASE-p30) CVE Name: CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 CVE-2015-1792, CVE-2015-4000
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
II. [CVE-2015-1791]
The OpenSSL advisory also describes a problem that is identified as CVE-2014-8176, which is already fixed by an earlier FreeBSD Errata Notice, FreeBSD-EN-15:02.openssl.
III. [CVE-2015-4000]. [CVE-2015-1788]. This affects FreeBSD 10.1 only, as the problem was no longer exist in OpenSSL 0.9.8 series since July 2012. [CVE-2015-1790]. [CVE-2015-1792]
An attacker may be able to crash multi-thread applications that supports resumed TLS handshakes. [CVE-2015-1791]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.1]
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch.asc
gpg --verify openssl-10.1.patch.asc
[FreeBSD 9.3 and 8.4]
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch.asc
gpg --verify openssl-8.4.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r284286 releng/8.4/ r284295 stable/9/ r284286 releng/9.3/ r284295 stable/10/ r284285 releng/10.1/ r284295
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.1.4 (FreeBSD)
iQIcBAEBCgAGBQJVeopGAAoJEO1n7NZdz2rnzhQP/Ak6el188Y+7QbEYVfCZ7eG8 BQLj5TMGHV5swSKVlPcEuBlMwTjpgB5Gqhc8luDS0eIAuJGdcMPSrZDdXxWQFtPf pbfIwp/ElFc7d6ut0Y8t6fFLJbhTOoHJpzTGkFRfJkjinGOx7OZQPeLJsxSubbnL JKugZ3diH6yk6IPMf9SvhO/kYXUF1VbXQvHNTnqgdhFVkgF6tK22Pkl2XoJ9EHbh vBXft1yJwiYlZ//DxZuScTUj1pHYzK3bOpg//REJMWCMj1RVwQr2EyDa0Q2cT02d eRnSZykXD69eybyzEck+BvwnUYYJICimnHuE5t78UIr0D/NWyOAZTQ99z5TID5aV HXkcil+1E/Q+xBB4+5UOOnESf6cmiWwewQOVvD26ZY39E6oJXvsrWnyxIuCG6DL9 sLtxB6iTYlTX5Civ/VJX8H7rFiw4UwMembthvGzck22026iHjplWM3GCWz0E8O3R PrXBHjAzNFawK3owNMxFSUFTuFw/qY7EEwJ3SKCEC+hoxcLOl26NMxrQKRIAUk+I MMOaZfvOh2uM19y9SJZz8+sqU8gIm7ihDm5fuSkO8kY0jdvLwyS9bXAejN/lZ6oJ TyfTDDyXDOdaPpnpQehh6vQV0NiaJ+WXfGhfiE8/G/t6b1E0LlCaaGJTpYkildGe vVCM4Nyx4S9WDFOi76ug =dyhg -----END PGP SIGNATURE----- .
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1n-i486-1_slack14.1.txz: Upgraded. Fixes several bugs and security issues: o Malformed ECParameters causes infinite loop (CVE-2015-1788) o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) o CMS verify infinite loop with unknown hash function (CVE-2015-1792) o Race condition handling NewSessionTicket (CVE-2015-1791) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791 ( Security fix ) patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zg-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zg-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zg-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1n-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1n-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1n-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1n-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1n-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1n-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1n-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1n-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 383ecfed6bfef1440a44d7082745848a openssl-0.9.8zg-i486-1_slack13.0.txz fb186187ffa200e22d9450a9d0e321f6 openssl-solibs-0.9.8zg-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: eb52318ed52fef726402f0b2a74745c5 openssl-0.9.8zg-x86_64-1_slack13.0.txz 9447927b960a01b21149e28a9783021f openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 37f46f6b4fe2acbe217eaf7c0b33b704 openssl-0.9.8zg-i486-1_slack13.1.txz 986de2e71676f61d788a59a1e0c8de1f openssl-solibs-0.9.8zg-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: 6b160ce817dcde3ae5b3a861b284387b openssl-0.9.8zg-x86_64-1_slack13.1.txz 503d891680c711162386ea7e3daadca8 openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 5e7501b1d73d01d3d87704c3cfd3a888 openssl-0.9.8zg-i486-1_slack13.37.txz 874f0b59870dd3f259640c9930a02f99 openssl-solibs-0.9.8zg-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: b6d91614458040d461dff3c3eab45206 openssl-0.9.8zg-x86_64-1_slack13.37.txz be106df5e59c2be7fa442df8ba85ad0b openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz
Slackware 14.0 packages: ee7c3937e6a6d7ac7537f751af7da7b9 openssl-1.0.1n-i486-1_slack14.0.txz 758662437d33f99ec0a686cedeb1919e openssl-solibs-1.0.1n-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 2dfdc4729e93cf460018e9e30a6223dc openssl-1.0.1n-x86_64-1_slack14.0.txz 9cb4b34e97e60f6bfe4c843aabeae954 openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 5a9bf08d55615cfc097109c2e3786f7b openssl-1.0.1n-i486-1_slack14.1.txz fb1c05468e5c38d51a8ff6ac435e3a20 openssl-solibs-1.0.1n-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: 1ef5cede3f954c3e4741012ffa76b750 openssl-1.0.1n-x86_64-1_slack14.1.txz ea22c288c60ae1d7ea8c5b3a1608462b openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz
Slackware -current packages: 56db8712d653c060f910e8915a8f8656 a/openssl-solibs-1.0.1n-i586-1.txz 6d6264c9943e27240db5c8f5ec342e27 n/openssl-1.0.1n-i586-1.txz
Slackware x86_64 -current packages: e73f7aff5aa0ad14bc06428544f99ae2 a/openssl-solibs-1.0.1n-x86_64-1.txz 91b550b9eb0ac0c580e158375a93c0e4 n/openssl-1.0.1n-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1n-i486-1_slack14.1.txz openssl-solibs-1.0.1n-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. OpenSSL Security Advisory [11 Jun 2015] =======================================
DHE man-in-the-middle protection (Logjam)
A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000).
OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit will be increased to 1024 bits in a future release.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n
Fixes for this issue were developed by Emilia Käsper and Kurt Roeckx of the OpenSSL development team.
This can be used to perform denial of service against any system which processes public keys, certificate requests or certificates. This includes TLS clients and TLS servers with client authentication enabled.
This issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent 1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The fix was developed by Andy Polyakov of the OpenSSL development team.
Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
Severity: Moderate
X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string.
An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki (Google), and independently on 11th April 2015 by Hanno Böck. The fix was developed by Emilia Käsper of the OpenSSL development team.
PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
Severity: Moderate
The PKCS#7 parsing code does not handle missing inner EncryptedContent correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing.
Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers are not affected.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 18th April 2015 by Michal Zalewski (Google). The fix was developed by Emilia Käsper of the OpenSSL development team.
CMS verify infinite loop with unknown hash function (CVE-2015-1792)
Severity: Moderate
When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID.
This can be used to perform denial of service against any system which verifies signedData messages using the CMS code.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
Race condition handling NewSessionTicket (CVE-2015-1791)
Severity: Low
If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was discovered by Emilia Käsper of the OpenSSL development team. The fix was developed by Matt Caswell of the OpenSSL development team.
Invalid free in DTLS (CVE-2014-8176)
Severity: Moderate
This vulnerability does not affect current versions of OpenSSL. It existed in previous OpenSSL versions and was fixed in June 2014.
If a DTLS peer receives application data between the ChangeCipherSpec and Finished messages, buffering of such data may cause an invalid free, resulting in a segmentation fault or potentially, memory corruption.
This issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
This issue was originally reported on March 28th 2014 in https://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert (Google). A fix was developed by zhu qun-ying.
The fix for this issue can be identified by commits bcc31166 (1.0.1), b79e6e3a (1.0.0) and 4b258e73 (0.9.8).
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150611.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0210",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "15.1"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.3"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0r"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zf"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "hs series all versions"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.01"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator probe option ver3.1.0.x to ver4.1.0.x"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.02"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx sip application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1 to v8.1"
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c cmm"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator agent ver3.3 to ver4.1"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v4.2 to v6.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.2"
},
{
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.54"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c ucm"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v7.1"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v7.1 to v8.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "systemmanager ver5.5.2 to ver6.2.1"
},
{
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.53"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v4.1 to v6.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.2"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "jobcenter r14.1"
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7500/nv5500/nv3500 series"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.4 to v9.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v4.1 to v6.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0s"
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7400/nv5400/nv3400 series"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator manager ver3.2.2 to ver4.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v4.2 to v6.5"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "mcoperations ver3.6.2 to ver4.2"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "system management homepage",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v7.1 to v8.1"
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.1"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle exalogic infrastructure eecs 2.0.6.2.3"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "uddi registry v1.1 to v7.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0 manager component"
},
{
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.4"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.211"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.0.0"
},
{
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "buildforge ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.28"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.5"
},
{
"model": "junos 12.1x47-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos 14.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "version control agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "open source siem",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"model": "junos 13.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.4"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "storwize unified",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.2"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "ascenlink",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "7.2.3"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "insight control server provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "workflow for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "junos 13.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "imc products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.4"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"model": "enterprise linux server eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "junos 14.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.11"
},
{
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "communications security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"model": "qradar incident forensics mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.2"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.2"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.10.38"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "system networking rackswitch g8316",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.00"
},
{
"model": "filenet system monitor interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.0.3"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.3x48-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "infosphere master data management patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.33"
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1n",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "enterprise content management system monitor fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.02"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.10"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.6"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "junos 15.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.03"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "junos 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"model": "system networking rackswitch g8264t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.1"
},
{
"model": "junos 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.0"
},
{
"model": "enterprise content management system monitor interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.3"
},
{
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "project openssl 1.0.2b",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "junos 13.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "security proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "aura conferencing sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.08"
},
{
"model": "system networking rackswitch g8264cs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.11.0"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"model": "security network controller 1.0.3387m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos 12.1x44-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "junos 15.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "50"
},
{
"model": "exalogic infrastructure eecs",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.6.2.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.213"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.14"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1.1"
},
{
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "hp-ux b.11.11.16.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.12.3"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "smartcloud entry fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.413"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.34"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.2"
},
{
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.14"
},
{
"model": "cognos insight standard edition fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.214"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.16"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "icewall federation agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.3"
},
{
"model": "hp-ux b.11.11.13.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "system networking rackswitch g8124-e",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"model": "junos 14.1r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.16"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "system networking rackswitch g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"model": "project openssl 0.9.8ze",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "project openssl 1.0.0o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.1"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "hp-ux b.11.23.1.007",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "forticlient windows/mac",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.1"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "15.2"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security identity governance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "ds8870 r7.5",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "system networking rackswitch g8264t",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.2.0"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.411"
},
{
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.12.4"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.12"
},
{
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.18"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.4.0.4.0"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 14.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.3"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "fortivoice enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.6"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "hp-ux b.11.11.02.008",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.11"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0"
},
{
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.0"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x46-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "system networking rackswitch g8332",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.21.0"
},
{
"model": "system networking rackswitch g8124",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.5"
},
{
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.01"
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "project openssl 0.9.8zg",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 14.2r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "junos 13.2x51-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "powerkvm build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.157"
},
{
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "virtual connect enterprise manager sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "buildforge ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.66"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "16.1"
},
{
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"model": "insight orchestration",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "qradar siem mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1"
},
{
"model": "project openssl 1.0.0s",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "vcx products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational software architect for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.02"
},
{
"model": "qradar incident forensics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "junos 12.1x47-d45",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "qradar siem mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "system networking rackswitch g8264cs",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"model": "junos 12.1x44-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"model": "hp-ux b.11.11.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.01"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "fortiddos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.1.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.2"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "secure backup",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "forticlient ios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "project openssl 0.9.8zf",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "forticlient android",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "sonas",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "hp-ux b.11.23.07.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"model": "qradar incident forensics mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "aura conferencing sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system networking rackswitch g8316",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.3"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "operations agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "11.15"
},
{
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.02"
},
{
"model": "project openssl 1.0.0p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.1"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "junos 12.1x46-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.3"
},
{
"model": "junos 12.3r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.09"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.1"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"model": "junos 13.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "cognos insight standard edition fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.24"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"model": "project openssl 0.9.8zc",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.3"
},
{
"model": "infosphere guardium for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"model": "project openssl 1.0.0r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 15.1x49-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "forticache",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "server migration pack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.41"
},
{
"model": "project openssl 0.9.8zd",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.2"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "junos 14.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "buildforge ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.37"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "workload deployer if9",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.010"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.10"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.13"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.2"
},
{
"model": "server migration pack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "16.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.43"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "system networking rackswitch g8124",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"model": "cognos insight standard edition fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.124"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.0"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "fsso build",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "235"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "hp-ux b.11.11.14.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.3x48-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system networking rackswitch g8332",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.20.0"
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"model": "fortiadc",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3.1"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"model": "operations agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "12.01"
},
{
"model": "unified security management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.15"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "matrix operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "hp-ux b.11.11.15.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.05"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "qradar incident forensics patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.12"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "junos 15.1x49-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "icewall sso certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "project openssl 1.0.0q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.214"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.19"
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "75154"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003084"
},
{
"db": "NVD",
"id": "CVE-2015-1792"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.9.8zf",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1792"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Johannes Bauer",
"sources": [
{
"db": "BID",
"id": "75154"
}
],
"trust": 0.3
},
"cve": "CVE-2015-1792",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-1792",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-1792",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-1792",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1792"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003084"
},
{
"db": "NVD",
"id": "CVE-2015-1792"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to cause a denial-of-service condition. \nThe following are vulnerable:\nOpenSSL 1.0.2 prior to 1.0.2b\nOpenSSL 1.0.1 prior to 1.0.1n\nOpenSSL 1.0.0 prior to 1.0.0s\nOpenSSL 0.9.8 prior to 0.9.8zg. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04739301\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04739301\nVersion: 1\n\nHPSBGN03371 rev.1 - HP IceWall Products running OpenSSL, Remote Denial of\nService (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-07-10\nLast Updated: 2015-07-10\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP IceWall\nProducts running OpenSSL. The vulnerabilities could be exploited remotely\nresulting in Denial of Service (DoS). \nProduct\n Impacted Versions\n Impacted CVEs\n\nHP IceWall MCRP\n v3.0\n CVE-2015-1789\nCVE-2015-1790\nCVE-2015-1792\n\nHP IceWall SSO Dfw\n v10.0\n CVE-2015-1789\nCVE-2015-1790\nCVE-2015-1792\n\nHP IceWall SSO Agent Option\n v10.0\n CVE-2015-1789\nCVE-2015-1790\nCVE-2015-1792\n\nHP IceWall SSO Certd\n v10.0\n CVE-2015-1792\n\nHP IceWall Federation Agent\n v3.0\n CVE-2015-1792\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends applying the latest OS vendor security patches for OpenSSL to\nresolve the vulnerabilities for HP IceWall Products. \n\n HP IceWall SSO Dfw v10.0 and Certd v10.0, which are running on RHEL, could\nbe using either the OS bundled OpenSSL library or the OpenSSL bundled with HP\nIceWall. If still using the OpenSSL bundled with HP IceWall, please apply the\nlatest OS vendor security patches for OpenSSL and switch to the OpenSSL\nlibrary bundled with the OS. \n\n Documents are available at the following location with instructions to\nswitch to the OS bundled OpenSSL library:\n\n http://www.hp.com/jp/icewall_patchaccess\n\n Note: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 10 July 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201506-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: June 22, 2015\n Bugs: #551832\n ID: 201506-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL that can result in\neither Denial of Service or information disclosure. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.1o \u003e= 0.9.8z_p7\n \u003e= 1.0.1o\n\nDescription\n===========\n\nMultiple vulnerabilities have been found in OpenSSL. Please review the\nCVE identifiers referenced below for details. \n\nResolution\n==========\n\nAll OpenSSL 1.0.1 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1o\"\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8z_p7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-8176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8176\n[ 2 ] CVE-2015-1788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1788\n[ 3 ] CVE-2015-1789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1789\n[ 4 ] CVE-2015-1790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1790\n[ 5 ] CVE-2015-1791\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1791\n[ 6 ] CVE-2015-1792\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1792\n[ 7 ] CVE-2015-4000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4000\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201506-02\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. ============================================================================\nUbuntu Security Notice USN-2639-1\nJune 11, 2015\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that\nOpenSSL incorrectly handled memory when buffering DTLS data. (CVE-2014-8176)\n\nJoseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed\nECParameters structures. (CVE-2015-1788)\n\nRobert Swiecki and Hanno B=C3=B6ck discovered that OpenSSL incorrectly handled\ncertain ASN1_TIME strings. \n(CVE-2015-1791)\n\nJohannes Bauer discovered that OpenSSL incorrectly handled verifying\nsignedData messages using the CMS code. \n(CVE-2015-1792)\n\nAs a security improvement, this update also modifies OpenSSL behaviour to\nreject DH key sizes below 768 bits, preventing a possible downgrade\nattack. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n libssl1.0.0 1.0.1f-1ubuntu11.4\n\nUbuntu 14.10:\n libssl1.0.0 1.0.1f-1ubuntu9.8\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.15\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.31\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2639-1\n CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790,\n CVE-2015-1791, CVE-2015-1792\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu11.4\n https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu9.8\n https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.15\n https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.31\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-15:10.openssl Security Advisory\n The FreeBSD Project\n\nTopic: Multiple OpenSSL vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2015-06-12\nAffects: All supported versions of FreeBSD. \nCorrected: 2015-06-11 19:07:45 UTC (stable/10, 10.1-STABLE)\n 2015-06-12 07:23:55 UTC (releng/10.1, 10.1-RELEASE-p12)\n 2015-06-11 19:39:27 UTC (stable/9, 9.3-STABLE)\n 2015-06-12 07:23:55 UTC (releng/9.3, 9.3-RELEASE-p16)\n 2015-06-11 19:39:27 UTC (stable/8, 8.4-STABLE)\n 2015-06-12 07:23:55 UTC (releng/8.4, 8.4-RELEASE-p30)\nCVE Name: CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791\n CVE-2015-1792, CVE-2015-4000\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. [CVE-2015-1791]\n\nThe OpenSSL advisory also describes a problem that is identified as\nCVE-2014-8176, which is already fixed by an earlier FreeBSD Errata\nNotice, FreeBSD-EN-15:02.openssl. \n\nIII. [CVE-2015-4000]. \n[CVE-2015-1788]. This affects FreeBSD 10.1 only, as the problem\nwas no longer exist in OpenSSL 0.9.8 series since July 2012. [CVE-2015-1790]. [CVE-2015-1792]\n\nAn attacker may be able to crash multi-thread applications that\nsupports resumed TLS handshakes. [CVE-2015-1791]\n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch.asc\n# gpg --verify openssl-10.1.patch.asc\n\n[FreeBSD 9.3 and 8.4]\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch.asc\n# gpg --verify openssl-8.4.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r284286\nreleng/8.4/ r284295\nstable/9/ r284286\nreleng/9.3/ r284295\nstable/10/ r284285\nreleng/10.1/ r284295\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://www.openssl.org/news/secadv_20150611.txt\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788\u003e \n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:10.openssl.asc\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.1.4 (FreeBSD)\n\niQIcBAEBCgAGBQJVeopGAAoJEO1n7NZdz2rnzhQP/Ak6el188Y+7QbEYVfCZ7eG8\nBQLj5TMGHV5swSKVlPcEuBlMwTjpgB5Gqhc8luDS0eIAuJGdcMPSrZDdXxWQFtPf\npbfIwp/ElFc7d6ut0Y8t6fFLJbhTOoHJpzTGkFRfJkjinGOx7OZQPeLJsxSubbnL\nJKugZ3diH6yk6IPMf9SvhO/kYXUF1VbXQvHNTnqgdhFVkgF6tK22Pkl2XoJ9EHbh\nvBXft1yJwiYlZ//DxZuScTUj1pHYzK3bOpg//REJMWCMj1RVwQr2EyDa0Q2cT02d\neRnSZykXD69eybyzEck+BvwnUYYJICimnHuE5t78UIr0D/NWyOAZTQ99z5TID5aV\nHXkcil+1E/Q+xBB4+5UOOnESf6cmiWwewQOVvD26ZY39E6oJXvsrWnyxIuCG6DL9\nsLtxB6iTYlTX5Civ/VJX8H7rFiw4UwMembthvGzck22026iHjplWM3GCWz0E8O3R\nPrXBHjAzNFawK3owNMxFSUFTuFw/qY7EEwJ3SKCEC+hoxcLOl26NMxrQKRIAUk+I\nMMOaZfvOh2uM19y9SJZz8+sqU8gIm7ihDm5fuSkO8kY0jdvLwyS9bXAejN/lZ6oJ\nTyfTDDyXDOdaPpnpQehh6vQV0NiaJ+WXfGhfiE8/G/t6b1E0LlCaaGJTpYkildGe\nvVCM4Nyx4S9WDFOi76ug\n=dyhg\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1n-i486-1_slack14.1.txz: Upgraded. \n Fixes several bugs and security issues:\n o Malformed ECParameters causes infinite loop (CVE-2015-1788)\n o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)\n o CMS verify infinite loop with unknown hash function (CVE-2015-1792)\n o Race condition handling NewSessionTicket (CVE-2015-1791)\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zg-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zg-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zg-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1n-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1n-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1n-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1n-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1n-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1n-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1n-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1n-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n383ecfed6bfef1440a44d7082745848a openssl-0.9.8zg-i486-1_slack13.0.txz\nfb186187ffa200e22d9450a9d0e321f6 openssl-solibs-0.9.8zg-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\neb52318ed52fef726402f0b2a74745c5 openssl-0.9.8zg-x86_64-1_slack13.0.txz\n9447927b960a01b21149e28a9783021f openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n37f46f6b4fe2acbe217eaf7c0b33b704 openssl-0.9.8zg-i486-1_slack13.1.txz\n986de2e71676f61d788a59a1e0c8de1f openssl-solibs-0.9.8zg-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n6b160ce817dcde3ae5b3a861b284387b openssl-0.9.8zg-x86_64-1_slack13.1.txz\n503d891680c711162386ea7e3daadca8 openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n5e7501b1d73d01d3d87704c3cfd3a888 openssl-0.9.8zg-i486-1_slack13.37.txz\n874f0b59870dd3f259640c9930a02f99 openssl-solibs-0.9.8zg-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\nb6d91614458040d461dff3c3eab45206 openssl-0.9.8zg-x86_64-1_slack13.37.txz\nbe106df5e59c2be7fa442df8ba85ad0b openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\nee7c3937e6a6d7ac7537f751af7da7b9 openssl-1.0.1n-i486-1_slack14.0.txz\n758662437d33f99ec0a686cedeb1919e openssl-solibs-1.0.1n-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n2dfdc4729e93cf460018e9e30a6223dc openssl-1.0.1n-x86_64-1_slack14.0.txz\n9cb4b34e97e60f6bfe4c843aabeae954 openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n5a9bf08d55615cfc097109c2e3786f7b openssl-1.0.1n-i486-1_slack14.1.txz\nfb1c05468e5c38d51a8ff6ac435e3a20 openssl-solibs-1.0.1n-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n1ef5cede3f954c3e4741012ffa76b750 openssl-1.0.1n-x86_64-1_slack14.1.txz\nea22c288c60ae1d7ea8c5b3a1608462b openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n56db8712d653c060f910e8915a8f8656 a/openssl-solibs-1.0.1n-i586-1.txz\n6d6264c9943e27240db5c8f5ec342e27 n/openssl-1.0.1n-i586-1.txz\n\nSlackware x86_64 -current packages:\ne73f7aff5aa0ad14bc06428544f99ae2 a/openssl-solibs-1.0.1n-x86_64-1.txz\n91b550b9eb0ac0c580e158375a93c0e4 n/openssl-1.0.1n-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1n-i486-1_slack14.1.txz openssl-solibs-1.0.1n-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. OpenSSL Security Advisory [11 Jun 2015]\n=======================================\n\nDHE man-in-the-middle protection (Logjam)\n====================================================================\n\nA vulnerability in the TLS protocol allows a man-in-the-middle\nattacker to downgrade vulnerable TLS connections using ephemeral\nDiffie-Hellman key exchange to 512-bit export-grade cryptography. This\nvulnerability is known as Logjam (CVE-2015-4000). \n\nOpenSSL has added protection for TLS clients by rejecting handshakes\nwith DH parameters shorter than 768 bits. This limit will be increased\nto 1024 bits in a future release. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\n\nFixes for this issue were developed by Emilia K\u00e4sper and Kurt Roeckx\nof the OpenSSL development team. \n\nThis can be used to perform denial of service against any\nsystem which processes public keys, certificate requests or\ncertificates. This includes TLS clients and TLS servers with\nclient authentication enabled. \n\nThis issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent\n1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s\nOpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The\nfix was developed by Andy Polyakov of the OpenSSL development team. \n\nExploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n===============================================================\n\nSeverity: Moderate\n\nX509_cmp_time does not properly check the length of the ASN1_TIME\nstring and can read a few bytes out of bounds. In addition,\nX509_cmp_time accepts an arbitrary number of fractional seconds in the\ntime string. \n\nAn attacker can use this to craft malformed certificates and CRLs of\nvarious sizes and potentially cause a segmentation fault, resulting in\na DoS on applications that verify certificates or CRLs. TLS clients\nthat verify CRLs are affected. TLS clients and servers with client\nauthentication enabled may be affected if they use custom verification\ncallbacks. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki\n(Google), and independently on 11th April 2015 by Hanno B\u00f6ck. The fix\nwas developed by Emilia K\u00e4sper of the OpenSSL development team. \n\nPKCS7 crash with missing EnvelopedContent (CVE-2015-1790)\n=========================================================\n\nSeverity: Moderate\n\nThe PKCS#7 parsing code does not handle missing inner EncryptedContent\ncorrectly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs\nwith missing content and trigger a NULL pointer dereference on parsing. \n\nApplications that decrypt PKCS#7 data or otherwise parse PKCS#7\nstructures from untrusted sources are affected. OpenSSL clients and\nservers are not affected. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 18th April 2015 by Michal\nZalewski (Google). The fix was developed by Emilia K\u00e4sper of the\nOpenSSL development team. \n\nCMS verify infinite loop with unknown hash function (CVE-2015-1792)\n===================================================================\n\nSeverity: Moderate\n\nWhen verifying a signedData message the CMS code can enter an infinite loop\nif presented with an unknown hash function OID. \n\nThis can be used to perform denial of service against any system which\nverifies signedData messages using the CMS code. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The\nfix was developed by Dr. Stephen Henson of the OpenSSL development team. \n\nRace condition handling NewSessionTicket (CVE-2015-1791)\n========================================================\n\nSeverity: Low\n\nIf a NewSessionTicket is received by a multi-threaded client when attempting to\nreuse a previous ticket then a race condition can occur potentially leading to\na double free of the ticket data. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was discovered by Emilia K\u00e4sper of the OpenSSL development team. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nInvalid free in DTLS (CVE-2014-8176)\n====================================\n\nSeverity: Moderate\n\nThis vulnerability does not affect current versions of OpenSSL. It\nexisted in previous OpenSSL versions and was fixed in June 2014. \n\nIf a DTLS peer receives application data between the ChangeCipherSpec\nand Finished messages, buffering of such data may cause an invalid\nfree, resulting in a segmentation fault or potentially, memory\ncorruption. \n\nThis issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThis issue was originally reported on March 28th 2014 in\nhttps://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen\nKariyanahalli, and subsequently by Ivan Fratric and Felix Groebert\n(Google). A fix was developed by zhu qun-ying. \n\nThe fix for this issue can be identified by commits bcc31166 (1.0.1),\nb79e6e3a (1.0.0) and 4b258e73 (0.9.8). \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150611.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1792"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003084"
},
{
"db": "BID",
"id": "75154"
},
{
"db": "VULMON",
"id": "CVE-2015-1792"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "132260"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "169629"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-1792",
"trust": 3.0
},
{
"db": "BID",
"id": "75154",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10694",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10122",
"trust": 1.1
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032564",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU91445763",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003084",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-1792",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132637",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132398",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132260",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132285",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136989",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137292",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169629",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1792"
},
{
"db": "BID",
"id": "75154"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003084"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "132260"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "NVD",
"id": "CVE-2015-1792"
}
]
},
"id": "VAR-201506-0210",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2242063475
},
"last_update_date": "2024-07-23T20:20:15.383000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht205031"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150612-openssl"
},
{
"title": "Canonicalise input in CMS_verify.",
"trust": 0.8,
"url": "https://github.com/openssl/openssl/commit/cd30f03ac5bf2962f44bd02ae8d88245dff2f12c"
},
{
"title": "HPSBUX03388",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143880121627664\u0026amp;w=2"
},
{
"title": "HPSBMU03546",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05045763"
},
{
"title": "\u30a2\u30e9\u30a4\u30c9\u30c6\u30ec\u30b7\u30b9\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91445763/522154/index.html"
},
{
"title": "NV15-010",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-010.html"
},
{
"title": "OpenSSL vulnerabilities",
"trust": 0.8,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"title": "Tarballs",
"trust": 0.8,
"url": "https://www.openssl.org/source/"
},
{
"title": "[11 Jun 2015] DHE man-in-the-middle protection (Logjam)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "October 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2015_critical_patch_update"
},
{
"title": "January 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2016_critical_patch_update"
},
{
"title": "JSA10694",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"title": "TLSA-2015-14",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2015/tlsa-2015-14j.html"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/112/1129/1129443_cisco-sa-20150612-openssl-j.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/07/06/hpe_rushes_out_patch_for_more_than_a_year_of_openssl_vulns/"
},
{
"title": "Red Hat: CVE-2015-1792",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-1792"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2639-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-550",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2015-550"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720150611\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2015-07"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150612-openssl"
},
{
"title": "Symantec Security Advisories: SA98 : OpenSSL Security Advisory 11-June-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=a7350b0751124b5a44ba8dbd2df71f9f"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-1792 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1792"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003084"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003084"
},
{
"db": "NVD",
"id": "CVE-2015-1792"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"trust": 1.4,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1115.html"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150612-openssl"
},
{
"trust": 1.4,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/75154"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2639-1"
},
{
"trust": 1.1,
"url": "https://github.com/openssl/openssl/commit/cd30f03ac5bf2962f44bd02ae8d88245dff2f12c"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05131044"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05184351"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143654156615516\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"trust": 1.1,
"url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"trust": 1.1,
"url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05353965"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"trust": 1.1,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2015-008.txt.asc"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10122"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160647.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160436.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032564"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1792"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91445763/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1792"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022444"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965845"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/13"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04739301"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05353965"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05184351"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/135"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022527"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1022724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005313"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21961837"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962520"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963232"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963954"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965415"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21966484"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022655"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098801"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101012435"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/fg-ir-15-014/"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/5438/security-advisory-alienvault-v5-0-4-addresses-31-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962519"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962726"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963964"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005375"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020862"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022647"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962686"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961800"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961633"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964033"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963532"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960157"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961179"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962623"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?rs=0\u0026uid=swg21963438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959518"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961569"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963270"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964113"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005314"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963498"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966481"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966847"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966873"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967384"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968871"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970020"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970103"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970667"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964030"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963603"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966381"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-1792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1792"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2639-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43094"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall_patchaccess"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1792"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1791"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1788"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu9.8"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.15"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu11.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.31"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1789\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-8.4.patch.asc"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20150611.txt\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4000\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1790\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-10.1.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:10.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1791\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-10.1.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-8.4.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1788\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1792\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1791"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1789"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1788"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1790"
},
{
"trust": 0.1,
"url": "https://www.hp.com/swpublishing/mtx-b59b11be53744759a650eadeb4"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/sim"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2015"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0728"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7501"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05111017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6565"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05130958"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/info/insightcontrol"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://rt.openssl.org/ticket/display.html?id=3286"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1792"
},
{
"db": "BID",
"id": "75154"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003084"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "132260"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "NVD",
"id": "CVE-2015-1792"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2015-1792"
},
{
"db": "BID",
"id": "75154"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003084"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "132260"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "NVD",
"id": "CVE-2015-1792"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-12T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1792"
},
{
"date": "2015-06-11T00:00:00",
"db": "BID",
"id": "75154"
},
{
"date": "2015-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003084"
},
{
"date": "2015-07-10T15:43:15",
"db": "PACKETSTORM",
"id": "132637"
},
{
"date": "2015-06-22T14:14:00",
"db": "PACKETSTORM",
"id": "132398"
},
{
"date": "2015-06-11T23:39:03",
"db": "PACKETSTORM",
"id": "132260"
},
{
"date": "2015-06-12T13:25:28",
"db": "PACKETSTORM",
"id": "132288"
},
{
"date": "2015-06-12T13:17:58",
"db": "PACKETSTORM",
"id": "132285"
},
{
"date": "2016-05-13T16:14:13",
"db": "PACKETSTORM",
"id": "136989"
},
{
"date": "2016-06-02T19:12:12",
"db": "PACKETSTORM",
"id": "137292"
},
{
"date": "2015-06-11T12:12:12",
"db": "PACKETSTORM",
"id": "169629"
},
{
"date": "2015-06-12T19:59:05.273000",
"db": "NVD",
"id": "CVE-2015-1792"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1792"
},
{
"date": "2017-05-02T04:06:00",
"db": "BID",
"id": "75154"
},
{
"date": "2017-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003084"
},
{
"date": "2023-02-13T00:46:54.330000",
"db": "NVD",
"id": "CVE-2015-1792"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "75154"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of crypto/cms/cms_smime.c of do_free_upto Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003084"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "75154"
}
],
"trust": 0.3
}
}
VAR-200408-0145
Vulnerability from variot - Updated: 2024-07-23 20:13TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. TCP Has a sequence number TCP There is a problem that it is justified if it is within the window. Therefore, there is a vulnerability that makes it easy to guess the external sequence number when establishing a long-term connection that increases the window size. Note that products affected by this vulnerability TCP Covers many products with implementation. For more information, NISCC-236929 (JVN) , NISCC Advisory 236929 (CPNI Advisory 00391) Please check also.A third party TCP By predicting the sequence number of a particular TCP Service operation interruption such as forcibly terminating a connection (DoS) There is a possibility of being attacked. A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequence numbers. This will permit a remote attacker to inject a SYN or RST packet into the session, causing it to be reset and effectively allowing denial-of-service attacks. An attacker would exploit this issue by sending a packet to a receiving implementation with an approximated sequence number and a forged source IP and TCP port. Few factors may present viable target implementations, such as imlementations that: - depend on long-lived TCP connections - have known or easily guessed IP address endpoints - have known or easily guessed TCP source ports. As a result, this issue is likely to affect a number of routing platforms. Note also that while a number of vendors have confirmed this issue in various products, investigations are ongoing and it is likely that many other vendors and products will turn out to be vulnerable as the issue is investigated further. Other consequences may also result from this issue, such as injecting specific data in TCP sessions, but this has not been confirmed. **Update: Microsoft platforms are also reported prone to this vulnerability. Vendor reports indicate that an attacker will require knowledge of the IP address and port numbers of the source and destination of an existent legitimate TCP connection in order to exploit this vulnerability on Microsoft platforms. The following products and versions are affected: Oracle Solaris 10, 11; Openpgp 2.6.2; Mcafee Network Data Loss Prevention 8.6 and earlier, 9.2.0, 9.2.1, 9.2.2; Netbsd 1.5, Version 1.5.1, Version 1.5.2, Version 1.5.3, Version 1.6, Version 1.6.1, Version 1.6.2, Version 2.0; Xinuos Openserver Version 5.0.6, Version 5.0.7; Juniper Networks Junos OS; Xinuos Unixware Version 7.1.1, Version 7.1.3.
Want a new IT Security job?
Vacant positions at Secunia: http://secunia.com/secunia_vacancies/
TITLE: Avaya Intuity Audix TCP Connection Reset Vulnerability
SECUNIA ADVISORY ID: SA15263
VERIFY ADVISORY: http://secunia.com/advisories/15263/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Avaya Intuity Audix R5 http://secunia.com/product/4586/
DESCRIPTION: Avaya has acknowledged a vulnerability in Intuity Audix, which can be exploited by malicious people to reset established TCP connections on a vulnerable system.
For more information: SA11440
SOLUTION: A patch will reportedly be included in the next major release.
ORIGINAL ADVISORY: Avaya: http://support.avaya.com/elmodocs2/security/ASA-2005-097_SCASA-2005-14.pdf
OTHER REFERENCES: SA11440: http://secunia.com/advisories/11440/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Routing operations would recover quickly after such attacks ended.
I. Description
In 2001, the CERT Coordination Center released CA-2001-09, describing statistical weaknesses in various TCP/IP Initial Sequence generators. In that document (http://www.cert.org/advisories/CA-2001-09.html), it was noted by Tim Newsham:
[I]f a sequence number within the receive window is known, an
attacker can inject data into the session stream or terminate the
connection. If the ISN value is known and the number of bytes sent
already sent is known, an attacker can send a simple packet to
inject data or kill the session.
Paul Watson has performed the statistical analysis of this attack when the ISN is not known and has pointed out that such an attack could be viable when specifically taking into account the TCP Window size. He has also created a proof-of-concept tool demonstrating the practicality of the attack. The National Infrastructure Security Co-Ordination Centre (NISCC) has published an advisory summarizing Paul Watson's analysis in "NISCC Vulnerability Advisory 236929," available at http://www.uniras.gov.uk/vuls/2004/236929/index.htm.
Since TCP is an insecure protocol, it is possible to inject transport-layer packets into sessions between hosts given the right preconditions. For detailed information about BGP and some tips for securing it, please see Cisco System's documentation (http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm or Team Cymru (http://www.cymru.com/). This may result in a brief loss of service until the fresh routing tables are created. When this is taken into account, instead of attempting to send a spoofed packet with all potential sequence numbers, the attacker would only need to calculate an valid sequence number that falls within the next expected ISN plus or minus half the window size. According to Paul Watson's report, with a typical xDSL data connection (80 Kbps, upstream) capable of sending of 250 packets per second (pps) to a session with a TCP Window size of 65,535 bytes, it would be possible to inject a TCP packet approximately every 5 minutes. It would take approximately 15 seconds with a T-1 (1.544 Mbps) connection. These numbers are significant when large numbers of compromised machines (often called "botnets" or "zombies") can be used to generate large amounts of packets that can be directed at a particular host.
To protect against such injections, RFC 2385 provides a method of using MD5 signatures on the TCP Headers. If this form of verification is supported and enabled between two peers, then an attacker would have to obtain the key used to transmit the packet in order to successfully inject a packet into the TCP session. Another alternative would be to tunnel BGP over IPSec. Again, this would provide a form of authentication between the BGP peers and the data that they transmit. The lack of authentication when using TCP for BGP makes this type of attack more viable.
US-CERT is tracking this issue as VU#415294. This reference number corresponds to CVE candidate CAN-2004-0230. NISCC is tracking this issue as Advisory 236929.
II. Impacts could range from data corruption or session hijacking to a denial-of-service condition.
III. Solution
Apply a patch from your vendor
Please see you vendor's statement regarding the availability of patches, updates and mitigation strategies. The lack of cryptographically-strong security options for the TCP header itself is a deficiency that technologies like IPSec try to address. It must be noted that in the final analysis that if an attacker has the ability to see unencrypted TCP traffic generated from a site, that site is vulnerable to various TCP attacks - not just those mentioned here. A stronger measure that would aid in protecting against such TCP attacks is end-to-end cryptographic solutions like those outlined in various IPSec documents.
The key idea with an end-to-end cryptographic solution is that there is some secure verification that a given packet belongs in a particular stream. However, the communications layer at which this cryptography is implemented will determine its effectiveness in repelling ISN based attacks. Solutions that operate above the Transport Layer (OSI Layer 4), such as SSL/TLS and SSH1/SSH2, only prevent arbitrary packets from being inserted into a session. They are unable to prevent a connection reset (denial of service) since the connection handling will be done by a lower level protocol (i.e., TCP). On the other hand, Network Layer (OSI Layer 3) cryptographic solutions such as IPSec prevent both arbitrary packets entering a transport-layer stream and connection resets because connection management is directly integrated into the secure Network Layer security model.
The solutions presented above have the desirable attribute of not requiring any changes to the TCP protocol or implementations to be made. RFC2385 ("Protection of BGP Sessions via the TCP MD5 Signature Option") and other technologies provide options for adding cryptographic protection within the TCP header at the cost of some potential denial of service, interoperability, and performance issues.
Ingress filtering
Ingress filtering manages the flow of traffic as it enters a network under your administrative control. You can configure your BGP routers to only accept packets on a specific network connection. Servers are typically the only machines that need to accept inbound connections from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound connections to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound connections to non-authorized services. In this fashion, the effectiveness of many intruder scanning techniques can be dramatically reduced.
Network Isolation
Complex networks can benefit by separating data channels and control channels, such as BGP, into different logical or physical networks. Technologies such as VLANs, VPNs, leased links, NAT may all be able to contribute to separating the tranmission of control information from the transmission of the data stream.
Egress filtering
Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound connections to the Internet.
In the case of BGP, only your BGP routers should be establishing connections to your peers. Other BGP traffic generated on your network could be a sign of an attempted attack.
Appendix A. As vendors report new information to US-CERT, we will update the vulnerability note. If a particular vendor is not listed in either the NISCC advisory, or the vulnerability, we recommend that you contact them for their comments. ___________
US-CERT thanks Paul Watson, Cisco Systems and NISCC for notifying us about this problem and for helping us to construct this advisory. ___________
Feedback can be directed to the US-CERT Technical Staff. ___________
Copyright 2004 Carnegie Mellon University. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory:\xa0TCP Vulnerabilities in Multiple IOS-Based Cisco Products
Revision 1.0
For Public Release 2004 April 20 21:00 UTC (GMT)
Summary
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS\xae software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml. The severity of the exposure depends upon the protocols and applications that utilize TCP.
This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer), and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router).
Details
TCP is the transport layer protocol designed to provide connection-oriented reliable delivery of a data stream. To accomplish this, TCP uses a mixture of flags to indicate state and sequence numbers to identify the order in which the packets are to be reassembled. The acknowledgement number is not used in a packet with the reset (RST) flag set because a reset does not expect a packet in return. The full specification of the TCP protocol can be found at http://www.ietf.org/rfc/rfc0793.txt.
According to the RFC793 specification, it is possible to reset an established TCP connection by sending a packet with the RST or synchronize (SYN) flag set. However, the sequence number does not have to be an exact match; it is sufficient to fall within the advertised window. This significantly decreases the effort required by an adversary: the larger the window, the easier it is to reset the connection. The destination TCP port is usually known for all standard services (for example, 23 for Telnet, 80 for HTTP). Cisco IOS software uses predictable ephemeral ports for known services with a predictable increment (the next port which will be used for a subsequent connection). These values, while constant for a particular Cisco IOS software version and protocol, can vary from one release to another.
Here is an example of a normal termination of a TCP session:
Host(1) Host(2)
| |
| |
| ACK ack=1001, window=5000 |
|<----------------------------|
| |
Host(1) is
closing the session
| RST seq=1001 |
|---------------------------->|
| |
Host(2) is
closing the session
In addition, the following scenario is also permitted:
Host(1) Host(2)
| |
| |
| ACK ack=1001, window=5000 |
|<----------------------------|
| |
Host(1) is
closing the session
| RST seq=4321 |
|---------------------------->|
| |
Host(2) is
closing the session
Note how, in the second example, the RST packet was able to terminate the session although the sequence number was not the next expected one (which is 1001).
As a general rule, all protocols where a TCP connection stays established for longer than one minute should be considered exposed.
The exposure on this vulnerability can be described as follows:
-
Cisco IOS - All devices running Cisco IOS software are vulnerable. Sessions passing through the device are vulnerable only if the originating or receiving device is vulnerable, but they cannot be attacked on the router itself. This vulnerability does not compromise data integrity or confidentiality. It only affects availability.
This vulnerability is documented in the Cisco Bug Toolkit as Bug IDs CSCed27956 ( registered customers only) and CSCed38527 ( registered customers only) .
-
Cisco IOS Firewall (IOS FW) - The Cisco IOS FW monitors packets passing throughout the router and maintains the session state internally. This way, it is possible to "open" required ports and allow traffic to pass and then close them after the session has finished. Since Cisco IOS FW intercepts and examines all packets passing through the device, all TCP sessions passing through the Cisco IOS FW are vulnerable to this attack. This is valid even if the originating and receiving devices themselves are not vulnerable.
This vulnerability is documented in the Cisco Bug Toolkit as Bug ID CSCed93836 ( registered customers only) .
-
Network Address Translation (NAT) - This vulnerability does not have any effect on NAT. The NAT functionality simply rewrites ports and IP addresses. This feature does not interprete TCP flags and therefore is not vulnerable to this attack. However, the attacking packet will be passed through the router and the receiving device can be affected.
Impact
The impact will be different for each specific protocol. While in the majority of cases a TCP connection will be automatically re-established, in some specific protocols a second order of consequences may have a larger impact than tearing down the connection itself. Both external and internal (eBGP and iBGP) sessions are equally vulnerable. If an adversary tears down a BGP session between two routers, then all routes which were advertised between these two peers will be withdrawn. This would occur immediately for the router which has been attacked and after the next update/keepalive packet is sent by the other router. The BGP peering session itself will be re-established within a minute after the attack. Depending upon the exact routing configuration, withdrawal of the routes may have any of the following consequences:
-
No adverse effects at all if an appropriate static route(s) has(have) been defined on both sides of the affected session.
-
The traffic will be rerouted along other paths. This may cause some congestion along these paths.
-
A portion of the network will be completely isolated and unreachable.
If a BGP peering session is broken a few times within a short time interval, then BGP route dampening may be invoked. Dampening means that affected routes will be withdrawn from the Internet routing table for some period of time. By default that time is 45 minutes. During that time, all of the traffic whose route was advertised over the attacked BGP session will either be rerouted or a portion of the network will be unreachable. Route dampening is not enabled by default.
Cisco IOS Firewall Feature Set
It is possible to terminate an established TCP-based connection even if both endpoints are not vulnerable to this attack.
Software Versions and Fixes
Each row of the table describes a release train and the platforms or products for which it is intended. If a given release train is vulnerable, then the earliest possible releases that contain the fix and the anticipated date of availability for each are listed in the Rebuild, Interim, and Maintenance columns. In some cases, no rebuild of a particular release is planned; this is marked with the label "Not scheduled." A device running any release in the given train that is earlier than the release in a specific column (less than the earliest fixed release) is known to be vulnerable, and it should be upgraded at least to the indicated release or a later version (greater than the earliest fixed release label).
When selecting a release, keep in mind the following definitions:
-
Maintenance Most heavily tested and highly recommended release of any label in a given row of the table.
-
Rebuild Constructed from the previous maintenance or major release in the same train, it contains the fix for a specific vulnerability. Although it receives less testing, it contains only the minimal changes necessary to effect the repair. Cisco has made available several rebuilds of mainline trains to address this vulnerability, but strongly recommends running only the latest maintenance release on mainline trains.
-
Interim Built at regular intervals between maintenance releases and receives less testing. Interims should be selected only if there is no other suitable release that addresses the vulnerability, and interim images should be upgraded to the next available maintenance release as soon as possible. Interim releases are not available through manufacturing, and usually they are not available for customer download from CCO without prior arrangement with the Cisco Technical Assistance Center (TAC).
In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco TAC for assistance, as shown in the section following this table.
Fixed Cisco IOS Software Images for Cisco IOS Firewall
+------------+---------------------------------+ | Major | Availability of Repaired | | Release | Releases* | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.1-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.1 | 12.1 | | | | | (22c) | | | +------------+---------+---------+-------------+ | 12.1E | 12.1 | | | | | (19)E7 | | | | +---------+---------+-------------+ | | | | | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.2-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.2 | 12.2 | | | | | (21b) | | | | +---------+---------+-------------+ | | 12.2 | | | | | (23a) | | | +------------+---------+---------+-------------+ | 12.2T | 12.2 | | | | | (11)T11 | | | | +---------+---------+-------------+ | | 12.2 | | | | | (13)T12 | | | | +---------+---------+-------------+ | | 12.2 | | | | | (15)T12 | | | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.3-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.3 | 12.3 | | | | | (5c) | | | | +---------+---------+-------------+ | | 12.3 | | | | | (6a) | | | +------------+---------+---------+-------------+ | 12.3T | 12.3(4) | | | | | T4 | | | +------------+---------+---------+-------------+
Fixed Cisco IOS Software Releases and Migration Path
+----------+-------------------------------------+ | Major | Availability of Repaired Releases* | | Release | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.1 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.1 | 11.1 Vulnerable. Migrate to 11.2 | +----------+-------------------------------------+ | 11.1AA | 11.1AA Vulnerable. Migrate to 11.2P | +----------+-------------------------------------+ | 11.1CC | 11.1CC Vulnerable. Migrate to 12.0 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.2 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.2 | 11.2(26f) | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 11.2P | 11.2(26)P6 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 11.2SA | 11.2(8)SA6 Vulnerable. Migrate to | | | 12.0 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.3 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.3 | 11.3 Vulnerable. Migrate to 12.0 | | +-------------+---------+-------------+ | | 11.3(11b)T4 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | | +-------------+---------+-------------+ | | 11.3(11e) | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.0 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.0 | 12.0(28) | | | +----------+-------------+---------+-------------+ | 12.0DA | 12.0DA Vulnerable. Migrate to | | | 12.2DA | +----------+-------------------------------------+ | 12.0DB | 12.0DB Vulnerable. Migrate to | | | 12.1DB | +----------+-------------------------------------+ | 12.0DC | 12.0DC Vulnerable. Migrate to | | | 12.1DC | +----------+-------------+---------+-------------+ | 12.0S | 12.0(27)S | | | | +-------------+---------+-------------+ | | 12.0(26)S2 | | | | +-------------+---------+-------------+ | | 12.0(16)S11 | | | | +-------------+---------+-------------+ | | 12.0(24)S5 | | | | +-------------+---------+-------------+ | | 12.0(25)S3 | | | | +-------------+---------+-------------+ | | 12.0(23)S6 | | | +----------+-------------+---------+-------------+ | 12.0SL | 12.0SL Vulnerable. Migrate to 12.0 | | | (23)S3 | +----------+-------------------------------------+ | 12.0ST | 12.0ST Vulnerable. Migrate to 12.0 | | | (26)S2 | +----------+-------------------------------------+ | 12.0SX | 12.0(25)SX4 Not built - contact TAC | +----------+-------------------------------------+ | 12.0SZ | 12.0SZ Vulnerable. Migrate to 12.0 | | | (26)S2 | +----------+-------------------------------------+ | 12.0T | 12.0T Vulnerable. Migrate to 12.1 | +----------+-------------+---------+-------------+ | 12.0W5 | 12.0(28)W5 | | | | | (30) | | | +----------+-------------+---------+-------------+ | 12.0WC | 12.0(5)WC9a | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 12.0WT | 12.0(13)WT Vulnerable. End of | | | Engineering | +----------+-------------------------------------+ | 12.0WX | 12.0(4)WX Vulnerable. Migrate to | | | 12.0W5 | +----------+-------------------------------------+ | 12.0XA | 12.0(1)XA Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XB | 12.0(1)XB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.0XC | 12.0(2)XC Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XD | 12.0(2)XD Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XE | 12.0(7)XE Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.0XG | 12.0(3)XG Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XH | 12.0(4)XH Vulnerable. Migrate to | | | 12.1 | +----------+-------------------------------------+ | 12.0XI | 12.0(4)XI Vulnerable. Migrate to | | | 12.1 | +----------+-------------------------------------+ | 12.0XJ | 12.0(4)XJ Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XK | 12.0(7)XK Vulnerable. Migrate to | | | 12.1T Latest | +----------+-------------------------------------+ | 12.0XL | 12.0(4)XL Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.0XM | 12.0(4)XM Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.0XN | 12.0(5)XN Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XP | 12.0(5.1)XP Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XQ | 12.0(5)XQ Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XR | 12.0(7)XR Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.0XS | 12.0(5)XS Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.0XU | 12.0(5)XU Vulnerable. Migrate to | | | 12.0(5)WC | +----------+-------------------------------------+ | 12.0XV | 12.0(7)XV Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.1 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.1 | 12.1(20a) | | | | +-------------+---------+-------------+ | | 12.1(4c) | | | | +-------------+---------+-------------+ | | 12.1(22a) | | | +----------+-------------+---------+-------------+ | 12.1AA | 12.1(10)AA Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------+---------+-------------+ | 12.1AX | 12.1(14)AX | | | +----------+-------------+---------+-------------+ | 12.1AY | 12.1(13)AY Vulnerable. Migrate to | | | 12.1(14)EA1 | +----------+-------------------------------------+ | 12.1DA | 12.2DA Vulnerable. Migrate to | | | 12.2DA | +----------+-------------------------------------+ | 12.1DB | 12.1(5)DB Vulnerable. Migrate to | | | 12.2B | +----------+-------------+---------+-------------+ | 12.1E | 12.1(19)E7 | | | | +-------------+---------+-------------+ | | 12.1(22)E1 | | | | +-------------+---------+-------------+ | | 12.1(11b) | | | | | E14 | | | | +-------------+---------+-------------+ | | 12.1(20)E2 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.1(19)E6 | | | | +-------------+---------+-------------+ | | 12.1(13)E13 | | | | +-------------+---------+-------------+ | | 12.1(8b)E18 | | | | +-------------+---------+-------------+ | | 12.1(14)E10 | | | | +-------------+---------+-------------+ | | 12.1(13)E14 | | | +----------+-------------+---------+-------------+ | 12.1EA | 12.1(20)EA1 | | | +----------+-------------+---------+-------------+ | 12.1EB | 12.1(20)EB | | | +----------+-------------+---------+-------------+ | 12.1EC | 12.1(20)EC | | | +----------+-------------+---------+-------------+ | 12.1EO | 12.1(20)EO | | | | +-------------+---------+-------------+ | | 12.1(19)EO2 | | | | | Available | | | | | on | | | | | 2004-Apr-25 | | | +----------+-------------+---------+-------------+ | 12.1EU | 12.1(20)EU | | | +----------+-------------+---------+-------------+ | 12.1EV | 12.1(12c)EV Vulnerable. Migrate to | | | 12.2(RLS4)S | +----------+-------------+---------+-------------+ | 12.1EW | 12.1(20)EW2 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 12.1EX | 12.1EX Vulnerable. Migrate to 12.1 | | | (14)E | +----------+-------------------------------------+ | 12.1EY | 12.1(10)EY Vulnerable. Migrate to | | | 12.1(14)E | +----------+-------------+---------+-------------+ | 12.1T | 12.1(5)T17 | | | +----------+-------------+---------+-------------+ | 12.1XA | 12.1(1)XA Vulnerable. Migrate to | | | 12.1(5)T18 | +----------+-------------------------------------+ | 12.1XB | 12.1(1)XB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XC | 12.1(1)XC Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XD | 12.1(1)XD Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XE | 12.1(1)XE Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.1XF | 12.1(2)XF Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XG | 12.1(3)XG Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XH | 12.1(2a)XH Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XI | 12.1(3a)XI Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.1XJ | 12.1(3)XJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XL | 12.1(3)XL Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XM | 12.1(5)XM Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XP | 12.1(3)XP Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XQ | 12.1(3)XQ Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XR | 12.1(5)XR Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XT | 12.1(3)XT Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XU | 12.1(5)XU Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XV | 12.1(5)XV Vulnerable. Migrate to | | | 12.2XB | +----------+-------------------------------------+ | 12.1YA | 12.1(5)YA Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.1YB | 12.1(5)YB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1YC | 12.1(5)YC Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1YD | 12.1(5)YD Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.1YE | 12.1(5)YE5 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YF | 12.1(5)YF2 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YH | 12.1(5)YH2 Vulnerable. Migrate to | | | 12.2(13)T | +----------+-------------------------------------+ | 12.1YI | 12.1(5)YI2 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YJ | 12.1(11)YJ Vulnerable. Migrate to | | | 12.1EA Latest | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.2 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.2 | 12.2(19b) | | | | +-------------+---------+-------------+ | | 12.2(16f) | | | | +-------------+---------+-------------+ | | 12.2(21a) | | | | +-------------+---------+-------------+ | | 12.2(23) | | | | +-------------+---------+-------------+ | | 12.2(12i) | | | | +-------------+---------+-------------+ | | 12.2(10g) | | | | +-------------+---------+-------------+ | | 12.2(13e) | | | | +-------------+---------+-------------+ | | 12.2(17d) | | | | +-------------+---------+-------------+ | | 12.2(21b) | | | | +-------------+---------+-------------+ | | 12.2(23a) | | | +----------+-------------+---------+-------------+ | 12.2B | 12.2(2)B - 12.2(4)B7 Vulnerable. | | | Migrate to 12.2(13)T12 | | +-------------------------------------+ | | 12.2(4)B8 AND FWD Vulnerable. | | | Migrate to 12.3(5a)B1 | +----------+-------------+---------+-------------+ | 12.2BC | 12.2(15) | | | | | BC1C | | | +----------+-------------+---------+-------------+ | 12.2BW | 12.2(4)BW Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------+---------+-------------+ | 12.2BX | 12.2(16)BX2 | | | +----------+-------------+---------+-------------+ | 12.2BY | 12.2(4)BY Vulnerable. Migrate to | | | 12.2(15)B | | +-------------------------------------+ | | 12.2(8)BY Vulnerable. Migrate to | | | 12.2(8)ZB | | +-------------------------------------+ | | 12.2(2)BY Vulnerable. Migrate to | | | 12.2(8)BZ | +----------+-------------------------------------+ | 12.2BZ | 12.2(15)BZ Vulnerable. Migrate to | | | 12.2(16)BX | +----------+-------------------------------------+ | 12.2CX | 12.2(11)CX Vulnerable. Migrate to | | | 12.2(15)BC | +----------+-------------------------------------+ | 12.2CY | 12.2(11)CY Vulnerable. Migrate to | | | 12.2(13)BC1C | +----------+-------------------------------------+ | 12.2DD | 12.2DD Vulnerable. Migrate to 12.2 | | | (4)B1 | +----------+-------------------------------------+ | 12.2DX | 12.2(1)DX Vulnerable. Migrate to | | | 12.2DD | | +-------------------------------------+ | | 12.2(2)DX Vulnerable. Migrate to | | | 12.2B Latest | +----------+-------------+---------+-------------+ | 12.2EW | 12.2(18)EW | | | +----------+-------------+---------+-------------+ | 12.2JA | 12.2(13)JA4 | | | | +-------------+---------+-------------+ | | 12.2(13)JA2 | | | | +-------------+---------+-------------+ | | 12.2(11)JA3 | | | +----------+-------------+---------+-------------+ | 12.2MC | 12.2(15) | | | | | MC1B | | | +----------+-------------+---------+-------------+ | 12.2S | 12.2(22)S | | | | +-------------+---------+-------------+ | | 12.2(14)S7 | | | | +-------------+---------+-------------+ | | 12.2(20)S1 | | | | +-------------+---------+-------------+ | | 12.2(20)S3 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | | +-------------+---------+-------------+ | | 12.2(18)S3 | | | +----------+-------------+---------+-------------+ | 12.2SE | 12.2(18)SE | | | +----------+-------------+---------+-------------+ | 12.2SW | 12.2(21)SW | | | +----------+-------------+---------+-------------+ | 12.2SX | 12.2(17a) | | | | | SX2 | | | +----------+-------------+---------+-------------+ | 12.2SXA | 12.2(17b) | | | | | SXA1 | | | +----------+-------------+---------+-------------+ | 12.2SXB | 12.2(17d)SXB1 Not built - contact | | | TAC | +----------+-------------+---------+-------------+ | 12.2SY | 12.2(14)SY3 | | | +----------+-------------+---------+-------------+ | 12.2SZ | 12.2(14)SZ6 | | | +----------+-------------+---------+-------------+ | 12.2T | 12.2(15)T11 | | | | +-------------+---------+-------------+ | | 12.2(13)T12 | | | | +-------------+---------+-------------+ | | 12.2(11)T11 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.2(13)T11 | | | +----------+-------------+---------+-------------+ | 12.2XA | 12.2(2)XA Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XB | 12.2(2)XB Vulnerable. Migrate to | | | 12.2(15)T | +----------+-------------------------------------+ | 12.2XC | 12.2(2)XC Vulnerable. Migrate to | | | 12.2(8)ZB | +----------+-------------------------------------+ | 12.2XD | 12.2(1)XD Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XE | 12.2(1)XE Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XF | 12.2(1)XF1 Vulnerable. Migrate to | | | 12.2(4)BC1C | +----------+-------------------------------------+ | 12.2XG | 12.2(2)XG Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.2XH | 12.2(2)XH Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XI | 12.2(2)XI2 Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XJ | 12.2(2)XJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XK | 12.2(2)XK Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XL | 12.2(4)XL Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XM | 12.2(4)XM Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XN | 12.2(2)XN Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XQ | 12.2(2)XQ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XS | 12.2(1)XS Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XT | 12.2(2)XT Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XU | 12.2(2)XU Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XW | 12.2(4)XW Vulnerable. Migrate to | | | 12.2(13)T12 | +----------+-------------------------------------+ | 12.2YA | 12.2(4)YA Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YB | 12.2(4)YB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YC | 12.2(2)YC Vulnerable. Migrate to | | | 12.2(11)T11 | +----------+-------------------------------------+ | 12.2YD | 12.2(8)YD Vulnerable. Migrate to | | | 12.2(8)YY | +----------+-------------------------------------+ | 12.2YE | 12.2(9)YE Vulnerable. Migrate to | | | 12.2S | +----------+-------------------------------------+ | 12.2YF | 12.2(4)YF Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YG | 12.2(4)YG Vulnerable. Migrate to | | | 12.2(13)T12 | +----------+-------------------------------------+ | 12.2YH | 12.2(4)YH Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YJ | 12.2(8)YJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YK | 12.2(2)YK Vulnerable. Migrate to | | | 12.2(13)ZC | +----------+-------------------------------------+ | 12.2YL | 12.2(8)YL Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YM | 12.2(8)YM Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YN | 12.2(8)YN Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YO | 12.2(9)YO Vulnerable. Migrate to | | | 12.2(14)SY | +----------+-------------------------------------+ | 12.2YP | 12.2(11)YP Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.2YQ | 12.2(11)YQ Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YR | 12.2(11)YR Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YS | 12.2(11)YS Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2YT | 12.2(11)YT Vulnerable. Migrate to | | | 12.2(15)T | +----------+-------------------------------------+ | 12.2YU | 12.2(11)YU Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YV | 12.2(11)YV Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2YW | 12.2(8)YW Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YX | 12.2(11)YX Vulnerable. Migrate to | | | 12.2(RLS3)S | +----------+-------------------------------------+ | 12.2YY | 12.2(8)YY Vulnerable. Migrate to | | | 12.3(1)T | +----------+-------------------------------------+ | 12.2YZ | 12.2(11)YZ Vulnerable. Migrate to | | | 12.2(14)SZ | +----------+-------------+---------+-------------+ | 12.2ZA | 12.2(14)ZA6 | | | +----------+-------------+---------+-------------+ | 12.2ZB | 12.2(8)ZB Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2ZC | 12.2(13)ZC Vulnerable. Migrate to | | | 12.3T | +----------+-------------+---------+-------------+ | 12.2ZD | 12.2(13)ZD1 | | | +----------+-------------+---------+-------------+ | 12.2ZE | 12.2(13)ZE Vulnerable. Migrate to | | | 12.3 | +----------+-------------------------------------+ | 12.2ZF | 12.2(13)ZF Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZG | 12.2(13)ZG Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZH | 12.2(13)ZH Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZI | 12.2(11)ZI Vulnerable. Migrate to | | | 12.2(18)S | +----------+-------------+---------+-------------+ | 12.2ZJ | 12.2(15)ZJ5 | | | | +-------------+---------+-------------+ | | 12.2(15)ZJ4 | | | +----------+-------------+---------+-------------+ | 12.2ZK | 12.2(15)ZK Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2ZL | 12.2(15)ZL Vulnerable. Migrate to | | | 12.3(7)T | +----------+-------------------------------------+ | 12.2ZN | 12.2(15)ZN Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------+---------+-------------+ | 12.2ZP | 12.2(13)ZP3 | | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.3 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.3 | 12.3(3e) | | | | +-------------+---------+-------------+ | | 12.3(6) | | | | +-------------+---------+-------------+ | | 12.3(5b) | | | +----------+-------------+---------+-------------+ | 12.3B | 12.3(5a)B | | | | +-------------+---------+-------------+ | | 12.3(3)B1 | | | +----------+-------------+---------+-------------+ | 12.3BW | 12.3(1a)BW Vulnerable. Migrate to | | | 12.3B | +----------+-------------+---------+-------------+ | 12.3T | 12.3(2)T4 | | | | +-------------+---------+-------------+ | | 12.3(7)T1 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.3(4)T3 | | | +----------+-------------+---------+-------------+ | 12.3XA | 12.3(2)XA Vulnerable. Contact TAC. | +----------+-------------+---------+-------------+ | 12.3XB | 12.3(2)XB2 | | | +----------+-------------+---------+-------------+ | 12.3XC | 12.3(2)XC2 | | | +----------+-------------+---------+-------------+ | 12.3XD | 12.3(4)XD1 | | | +----------+-------------+---------+-------------+ | 12.3XE | 12.3(2)XE Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.3XF | 12.3(2)XF Vulnerable. Contact TAC | | | if needed. | +----------+-------------+---------+-------------+ | 12.3XG | 12.3(4)XG | | | +----------+-------------+---------+-------------+ | 12.3XH | 12.3(4)XH | | | +----------+-------------+---------+-------------+ | 12.3XI | 12.3(7)XI Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.3XJ | 12.3(7)XJ Vulnerable. Contact TAC | | | if needed | +----------+-------------+---------+-------------+ | 12.3XK | 12.3(4)XK | | | +----------+-------------+---------+-------------+ | 12.3XL | 12.3(7)XL Vulnerable. Contact Tac | | | if needed | +----------+-------------------------------------+ | 12.3XM | 12.3(9)XM Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | 12.3XN | 12.3(4)XN Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | 12.3XQ | 12.3(4)XQ Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | * All dates are estimated and subject to | | change. | | | | ** Interim releases are subjected to less | | rigorous testing than regular maintenance | | releases, and may have serious bugs. | +------------------------------------------------+
Obtaining Fixed Software
Customers with Service Contracts
Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com.
Customers using Third-party Support Organizations
Customers whose Cisco products are provided or maintained through prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers should contact that support organization for assistance with the upgrade, which should be free of charge.
Customers without Service Contracts
Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.
-
+1 800 553 2447 (toll free from within North America)
-
+1 408 526 7209 (toll call from anywhere in the world)
-
e-mail: tac@cisco.com
See http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including special localized telephone numbers and instructions and e-mail addresses for use in various languages.
Please have your product serial number available and give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.
Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software upgrades.
Workarounds
The effectiveness of any workaround is dependent on specific customer situations such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround is the most appropriate for use in the intended network before it is deployed.
There are no workarounds available to mitigate the effects of this vulnerability on Cisco IOS Firewall.
For BGP, we will present the workaround and only a few mitigation techniques. For additional information regarding BGP security risk assessment, mitigation techniques, and deployment best practices, please consult ftp://ftp-eng.cisco.com/cons/isp/security/ BGP-Risk-Assesment-v.pdf.
-
BGP MD5 secret
The workaround for BGP is to configure MD5 secret for each session between peers. This can be configured as shown in the following example: router(config)#router bgp router(config-router)#neighbor password
It is necessary to configure the same shared MD5 secret on both peers and at the same time. Failure to do so will break the existing BGP session and the new session will not get established until the exact same secret is configured on both devices. For a detailed discussion on how to configure BGP, refer to the following document http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/ products_configuration_guide_chapter09186a00800ca571.html . Once the secret is configured, it is prudent to change it periodically. The exact period must fit within your company security policy but it should not be longer than a few months. When changing the secret, again it must be done at the same time on both devices. Failure to do so will break your existing BGP session. The exception is if your Cisco IOS software release contains the integrated CSCdx23494 ( registered customers only) fix. With this fix, the BGP session will not be terminated when the MD5 secret is changed only on one side. The BGP updates, however, will not be processed until either the same secret is configured on both devices or the secret is removed from both devices.
It is possible to mitigate the exposure for BGP on this vulnerability by applying one or more of the following measures which will lessen the potential for the necessary spoofing required to implement a successful attack:
-
Blocking access to the core infrastructure
Although it is often difficult to block traffic transiting your network, it is possible to identify traffic which should never be allowed to target your infrastructure devices and block that traffic at the border of your network. Infrastructure access control lists (ACLs) are considered a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The white paper entitled "Protecting Your Core: Infrastructure Protection Access Control Lists", available at http://www.cisco.com/warp/public/707/ iacl.html, presents guidelines and recommended deployment techniques for infrastructure protection ACLs. Exceptions would include any devices which have a legitimate reason to access your infrastructure (for example, BGP peers, NTP sources, DNS serves, and so on). All other traffic must be able to traverse your network without terminating on any of your devices.
-
Configure anti-spoofing measures on the network edge In order for an adversary to use the attack vector described in this advisory, it must send packets with the source IP address equal to one of the BGP peers. You can block spoofed packets either using the Unicast Reverse Path Forwarding (uRPF) feature or by using access control lists (ACLs). By enabling uRPF, all spoofed packets will be dropped at the first device. To enable uRPF, use the following commands: router(config)#ip cef
router(config)#ip verify unicast reverse-pathPlease consult http://www.cisco.com/en/US/products/sw/iosswrel/ps1835 /products_configuration_guide_chapter09186a00800ca7d4.html and ftp:// ftp-eng.cisco.com/cons/isp/security/URPF-ISP.pdf for further details on how uRPF works and how to configure it in various scenarios. This is especially important if you are using asymmetric routing. ACLs should also be deployed as close to the edge as possible. Unlike uRPF, you must specify the exact IP range that is permitted. Specifying which addresses should be blocked is not the optimal solution because it tends to be harder to maintain.
Caution: In order for anti-spoofing measures to be effective, they must be deployed at least one hop away from the devices which are being protected. Ideally, they will be deployed at the network edge facing your customers.
-
Packet rate limiting RST packets are rate-limited in Cisco IOS software by default. This feature is introduced in Cisco IOS Software Release 10.2. In the case of a storm of RST packets, they are effectively limited to one packet per second. In order to be successful, an attacker must terminate connection with the first few packets. Otherwise, the attack is deemed to be impracticably long. On the other hand, SYN packets are not rate-limited in any way. Rate limiting can be accomplished either by using Committed Access Rate (CAR) or by Control Plane Policing (CPP). While CPP is the recommended approach, it is available only for Cisco IOS Software Releases 12.2(18)S and 12.3(4)T. It is currently supported only on the following routers: 1751, 2600/2600-XM, 3700, 7200, and 7500 Series.
CAR can be configured as follows:
router(config)#access-list 103 deny tcp any host 10.1.1.1 established router(config)#access-list 103 permit tcp any host 10.0.0.1 router(config)#interface <interface> <interface #> router(config-if)#rate-limit input access-group 103 8000 8000 8000 conform-action transmit exceed-action dropFor details on how to configure and deploy CPP, please consult the following document http://www.cisco.com/en/US/products/sw/iosswrel/ ps1838/products_white_paper09186a0080211f39.shtml
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.
The exploitation of the vulnerability with packets having RST flag set (reset packets) was discovered by Paul (Tony) Watson of OSVDB.org. The extension of the attack vector to packets with SYN flag was discovered by the vendors cooperating on the resolution of this issue.
Status of This Notice: INTERIM
This is a INTERIM advisory. Although Cisco cannot guarantee the accuracy of all statements in this advisory, all of the facts have been checked to the best of our ability. Cisco does not anticipate issuing updated versions of this advisory unless there is some material change in the facts. Should there be a significant change in the facts, Cisco may update this advisory.
A stand-alone copy or Paraphrase of the text of this Security Advisory that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory will be posted on Cisco's worldwide website at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml.
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
-
cust-security-announce@cisco.com
-
first-teams@first.org (includes CERT/CC)
-
bugtraq@securityfocus.com
-
vulnwatch@wulnwatch.org
-
cisco@spot.colorado.edu
-
cisco-nsp@puck.nether.net
-
full-disclosure@lists.netsys.com
-
comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+----------+-------------+----------------+ | Revision | 2004-Apr-20 | Initial public | | 1.0 | | release. | +----------+-------------+----------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/warp/public/707/ sec_incident_response.shtml. This includes instructions for press inquiries regarding Cisco Security Notices. All Cisco Security Advisories are available at http://www.cisco.com/go/psirt.
All contents are Copyright \xa9 1992-2004 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (Cygwin)
iD8DBQFAhZTpezGozzK2tZARAkKXAJ9BWwuytT7zwoOL+RkZJPebYN3W3ACfV/+K 0Fd3MvvRlKSETCrlMGL/dZg= =eDSn -----END PGP SIGNATURE----- .
The nonexhaustive list of vulnerable non-IOS based Cisco products is as follows:
-
Access Registrar
-
BPX, IGX, MGX WAN switches, and the Service Expansion Shelf
-
BR340, WGB340, AP340, AP350, BR350 Cisco/Aironet wireless products
-
Cache Engine 505 and 570
-
CallManager
-
Catalyst 1200, 1900, 28xx, 29xx, 3000, 3900, 4000, 5000, 6000
-
Cisco 8110 Broadband Network Termination Unit
-
Cisco Element Management Framework
-
Cisco Info Center
-
Cisco Intelligent Contact Management
-
Cisco MDS 9000
-
Cisco ONS 15190/15194 IP Transport Concentrator
-
Cisco ONS 15327 Metro Edge Optical Transport Platform
-
Cisco ONS 15454 Optical Transport Platform
-
Cisco ONS 15531/15532 T31 OMDS Metro WDM System
-
Cisco ONS 15800/15801/15808 Dense Wave Division Multiplexing Platform
-
Cisco ONS 15830 T30 Optical Amplification System
-
Cisco ONS 15831/15832 T31 DWDM System
-
Cisco ONS 15863 T31 Submarine WDM System
-
Content Router 4430 and Content Delivery Manager 4630 and 4650
-
Cisco Secure Intrusion Detection System (NetRanger) appliance and IDS Module
-
Cisco Secure PIX firewall
-
Cisco ws-x6608 and ws-x6624 IP Telephony Modules
-
CiscoWorks Windows
-
Content Engine 507, 560, 590, and 7320
-
CSS11000 (Arrowpoint) Content Services Switch
-
Hosting Solution Engine
-
User Registration Tool VLAN Policy Server
-
Cisco FastHub 300 and 400
-
CR-4430-B
-
Device Fault Manager
-
Internet CDN Content Engine 590 and 7320, Content Distribution Manager 4670, and Content Router 4450
-
IP Phone (all models including ATA and VG248)
-
IP/TV
-
LightStream 1010
-
LightStream 100 ATM Switches
-
LocalDirector
-
ME1100 series
-
MicroHub 1500,MicroSwitch 1538/1548
-
Voice Manager
-
RTM
-
SN5400 series storage routers
-
Switch Probe
-
Unity Server
-
VG248 Analog Phone Gateway
-
Traffic Director
-
WAN Manager
Products Confirmed Not Vulnerable
The following products are not vulnerable:
-
Cisco VPN 3000 Series Concentrators
-
Cisco Firewall Services Module for Cisco Catalyst 6500 Series and Cisco 7600 Series (FWSM)
Details
TCP is the transport layer protocol designed to provide connection-oriented reliable delivery of a data stream. The Cisco PSIRT has analyzed multiple TCP-based protocols, as they are used within our offering, and we believe that this vulnerability does not have a significant impact on them. We will present our analysis for a few protocols which have the potential for higher impact due to the long lived connections.
Voice signaling H.225, H.245 (part of H.323 suite)
H.225 and H.245 protocols are used in voice signaling. Their purpose is to negotiate parameters for content transfer (voice or video). The established sessions persist for the duration of a call. Any call in progress is terminated when the signaling session is broken. A new signaling session will be established immediately for the new call, but terminated calls cannot be re-established.
Each call from an IP telephone or softphone will result in the creation of a single signaling session. It is possible that a single signaling session is responsible for multiple calls, but that setup is used deeper within the Service Provider's network. Determining all necessary parameters for mounting an attack is deemed a non-trivial task if the network is designed according to the current best practices.
Network Storage (iSCSI, FCIP)
Network Storage products use two TCP-based protocols: SCSI over IP (iSCSI) and Fiber Channel over IP (FCIP).
-
SCSI over IP (iSCSI)
iSCSI is used in a client/server environment. The client is your computer and it is only the client that initiates a connection. This connection is not shared with any other users. Terminating the session will not have any adverse consequences if people are using current drivers from Microsoft for Windows and from Cisco for Linux. These drivers will re-establish the session and continue transfer from the point where it was disconnected. Drivers from other vendors may behave differently.
The user may notice that access to a virtual device is slightly slower than usual.
-
Fiber Channel over IP (FCIP)
FCIP is a peer-to-peer protocol. It is used for mirroring data between switches. Each peer can initiate the session. Switches can, and should be in practice, configured in a mesh. Bringing one link down will cause traffic to be re-routed over other link(s). If an adversary can manage to terminate the session multiple times in a row, the user's application may terminate with a "Device unreachable" or similar error message. This does not have any influence on the switch itself and the user can retry the operation.
The user may notice that access to a virtual device is slightly slower than usual. An occasional error message is possible. SSL/TLS connections can be used to encapsulate various kinds of traffic and these sessions can be long lived. An encrypted session can be attacked either on the originating or terminating host or on the firewalls in front of them (if they exist). | | | | Customers | | | | are | | | | encouraged | | | | to migrate | | | | to IOS.
NISCC Vulnerability Advisory 236929
NISCC Vulnerability Advisory 236929
Vulnerability Issues in TCP
Version Information
| Advisory Reference | 236929 |
| Release Date | 20 April 2004 |
| Last Revision | 22 April 2004 |
| Version Number | 1.4 |
What is Affected?
The vulnerability described in this advisory affects implementations of the Transmission Control Protocol (TCP) that comply with the Internet Engineering Task Force\x92s (IETF\x92s) Requests For Comments (RFCs) for TCP, including RFC 793, the original specification, and RFC 1323, TCP Extensions for High Performance.
TCP is a core network protocol used in the majority of networked computer systems today. Many vendors include support for this protocol in their products and may be impacted to varying degrees.
Severity
The impact of this vulnerability varies by vendor and application, but in some deployment scenarios it is rated critical. Alternatively contact your vendor for product specific information.
If exploited, the vulnerability could allow an attacker to create a Denial of Service condition against existing TCP connections, resulting in premature session termination. The resulting session termination will affect the application layer, the nature and severity of the effects being dependent on the application layer protocol. The primary dependency is on the duration of the TCP connection, with a further dependency on knowledge of the network (IP) addresses of the end points of the TCP connection.
The Border Gateway Protocol (BGP) is judged to be potentially most affected by this vulnerability.
BGP relies on a persistent TCP session between BGP peers. Resetting the connection can result in medium term unavailability due to the need to rebuild routing tables and route flapping. Route flapping may result in route dampening (suppression) if the route flaps occur frequently within a short time interval. The overall impact on BGP is likely to be moderate based on the likelihood of successful attack. If the TCP MD5 Signature Option and anti-spoofing measures are used then the impact will be low as these measures will successfully mitigate the vulnerability.
There is a potential impact on other application protocols such as DNS (Domain Name System) and SSL (Secure Sockets Layer) in the case of zone transfers and ecommerce transactions respectively, but the duration of the sessions is relatively short and the sessions can be restarted without medium term unavailability problems. In the case of SSL it may be difficult to guess the source IP address.
Data injection may be possible. However, this has not been demonstrated and appears to be problematic. The reason for this is that the receiving TCP implementation checks the sequence number of the RST or SYN packet, which is a 32 bit number, giving a probability of 1/232 of guessing the sequence number correctly (assuming a random distribution).
The discoverer of the practicability of the RST attack was Paul A. Watson, who describes his research in his paper \x93Slipping In The Window: TCP Reset Attacks\x94, presented at the CanSecWest 2004 conference. In a RST/ACK packet an acknowledgement number is included in the packet, although it is not checked by the receiving TCP implementation.)
RFC 793, p36, states the following:
"In all states except SYN-SENT, all reset (RST) segments are validated by checking their SEQ-fields [sequence numbers]. In the SYN-SENT state (a RST received in response to an initial SYN), the RST is acceptable if the ACK field acknowledges the SYN."
Resets must be processed immediately. RFC 793, p25, says "[\x85] [E]ven when the receive window is zero, a TCP must process the RST and URG fields of all incoming segments."
It is also possible to perform the same attack with SYN (synchronise) packets. RFC 793, p31 states:
\x93The principle reason for the three-way handshake is to prevent old duplicate connection initiations from causing confusion. To deal with this, a special control message, reset, has been devised. [\x85] If the TCP is in one of the synchronized states (ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, TIME-WAIT), it aborts the connection and informs its user.\x94
TCP window sizes are negotiated in the initial 3-way handshake used to set up a TCP connection, with higher values serving to improve throughput in some circumstances. Vendor-chosen defaults also influence the selection. An attacker seeking to disrupt an existing TCP connection must supply the 4-tuple correctly. As the source port varies, additional work is generally called for on the part of the attacker. However, research (referenced below) has shown that the process of source port selection on many platforms includes predictable elements, so that the attack remains practicable. By weighting 'likely' source port values carefully, an attacker can disrupt TCP implementations that employ a range of window sizes.
Application layer protocols that are critically affected are those that:
| \x95 | Depend on long lived TCP connections |
| \x95 | Have known or easy-to-guess IP address end points |
| \x95 | Have easy to an easy-to-guess source TCP port |
As noted above BGP does use long lived TCP connections, and the IP addresses and
source port (and destination port) are sometimes available through the use of
BGP looking glasses (multi-source, multi-destination trace route tools) or DNS
resource records. Using \x93trace route\x94 commands can provide information on
peering point IP addresses. Thus BGP is likely to be critically affected by the
TCP vulnerability.
These denial of service attacks can be carried out by single machine, or by
multiple co-operating systems (to form a distributed denial of service attack).
It is also possible to inject packets, which will be processed if they are in
the window. The difficulty with data injection attacks is that the receiving TCP
implementation will reassemble the packets received according to sequence
number, dropping any duplicate packets.
Vendor specific information will be released as it becomes available and if vendor permission has been received. Subscribers are advised to check the following URL regularly for updates:
http://www.uniras.gov.uk/vuls/2004/236929/index.htm
[Please note that updates to this advisory will not be notified by email.]
This vulnerability has been assigned the CVE
name
CAN-2004-0230.
The Open Source Vulnerability Database ID
number for this vulnerability is
4030.
Mitigation
The following mitigation steps are still being evaluated and may be incomplete.
Customers should work with vendors for the workaround most appropriate for the
product in question.
In the absence of vendor patching of the TCP implementation, the following are
general mitigating steps:
| \x95 | Implement IP Security (IPSEC) which will encrypt traffic at the network layer, so TCP information will not be visible |
| \x95 | Reduce the TCP window size (although this could increase traffic loss and subsequent retransmission) |
| \x95 | Do not publish TCP source port information |
It should be noted that IPSEC provides confidentiality and authentication
services at the network layer, and can provide a measure of trust in the
authenticity of the end points as well as encryption of traffic between the end
points. However, in the context of the current attack IPSEC will reject
RST and SYN packets that are not part of a secure IP packet stream.
To change the TCP window size, in some Unix variants you can set a value of the
default TCP windows size by using the \x93sysctl\x94 program (\x93ndd -set\x94 in the case
of Sun Solaris). In the case of Microsoft Windows NT/2000/XP/2003, the default
window size can be changed by modifying the value of the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
key. As noted above, great care should be exercised when altering the default
TCP window size as network performance could be adversely affected.
In the case of BGP, the following may counter the problem:
| \x95 | Implement ingress and egress filtering to check that the traffic entering or leaving the network has a source IP address that is expected on the router/firewall interface that receives the traffic |
| \x95 | Implement the TCP MD5 Signature Option to checksum the TCP packet carrying the BGP application data (see RFC 2385), being careful to set and maintain strong (i.e. difficult to guess) passwords to which the MD5 checksum is applied. Also see RFC 3562 which discusses the security requirements of this keying material. |
| \x95 | Limit the amount of information available through looking glasses and DNS resource records, being careful not to expose TCP port information unnecessarily |
The IETF ingress filtering standard is defined in
RFC 2827.
A discussion of egress filtering can be found at
http://www.sans.org/y2k/egress.htm.
The use of the TCP MD5 Signature Option will prevent the exploitation of this
vulnerability. Router customers should implement this on all BGP peering points
if it is supported by the router, upgrading the router firmware if necessary.
Solution
Please refer to the Vendor Information section of this advisory for
implementation specific remediation.
Some vendors will have reduced the
likelihood of successful denial of service by amending the TCP implementation to
issue a further acknowledgment packet challenge for RST and SYN packets that do
not have exactly the expected sequence number.
The Internet Engineering Task Force (IETF) has
published an Internet Draft to co-incide
with the release of this advisory.
The text of this draft is available from
the IETF web site:
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt
NISCC has produced best practice guidelines for BGP available at
http://www.niscc.gov.uk/BGP Filtering Guide.pdf
Secure configuration templates for BGP implementations on Cisco IOS and Juniper JUNOS can be found at:
| \x95 | Cisco | http://www.cymru.com/Documents/secure-bgp-template.html |
| \x95 | Juniper | http://www.qorbit.net/documents/junos-bgp-template.pdf |
Guidance on tuning of the IP stack for a number of different UNIX operating systems is available at
http://www.cymru.com/Documents/ip-stack-tuning.html
Vendor Information
The following vendors have provided information about how their products are affected
by these vulnerabilities.
Please note that JPCERT/CC have released a Japanese language advisory for this vulnerability
which contains additional information regarding Japanese vendors. This advisory is available at
http://www.jpcert.or.jp/at/2004/at040003.txt.
| Certicom | |
|
Certicom has examined the National Infrastructure Security Coordination
Centre (NISCC) advisory and determined it is not vulnerable. Certicom Developer Toolkits for SSL (SSL Plus, SSL Plus for Java, Security Builder SSL-C and Security Builder SSL-J) do not provide a TCP/IP transport mechanism, but rather utilize the supported operating system's TCP/IP stack. The vulnerability is against the TCP/IP stack itself, and not directly against the functionality offered by Certicom toolkits. Therefore, there is no patch or workaround that can be implemented within Certicom products. The patch or workaround must be provided by the operating system vendor. Customers are urged to contact their operating system vendors to determine if they have provided a workaround to this advisory. If you have any further questions please do not hesitate to contact support@certicom.com. |
|
| Check Point | |
| The latest release for VPN-1/FireWall-1
(R55 HFA-03) contains a protection against this vulnerability. The
protection applies to both the firewall device and to hosts behind the
firewall. Please refer to the Check Point web site for further information at: http://www.checkpoint.com/techsupport/alerts/tcp_dos.html. |
|
| Cisco | |
|
Cisco Systems is addressing the vulnerabilities identified by NISCC
Vulnerability Advisory 236929 across its entire product line. Cisco
has released two related advisories: TCP Vulnerabilities in Multiple IOS-Based Cisco Products http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml TCP Vulnerabilities in Multiple Non-IOS Cisco Products http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml |
|
| Cray Inc | |
| Cray Inc. is vulnerable on their UNICOS, UNICOS/mk and UNICOS/mp systems. Spr's have been opened to track this issue. Please contact your local Cray Service Representative for more information. | |
| Hitachi | |
| Hitachi is investigating the potential impact to Hitachi's products. | |
| Innovaphone | |
| Not vulnerable. | |
| Internet Initiative Japan, Inc (IIJ) | |
| IIJ will release a new firmware to fix this vulnerability. Details are available on their web site at http://www.seil.jp/en/ann/announce_en_20040421_01.txt. | |
| InterNiche | |
| === NicheStack v2.0 TCP/IP === InterNiche Technologies has updated its NicheStack v2.0 TCP/IP product to handle the scenarios described in NISCC Vulnerability Notice #236929. The patch is available to all InterNiche customers in accordance with the terms of their current support agreements. More information can be found on www.iNiche.com or through support@iNiche.com === NicheLite v2.0 TCP/IP === InterNiche Technologies has updated its NicheLite v2.0 TCP/IP product to handle the scenarios described in NISCC Vulnerability Notice #236929. The patch is available to all InterNiche customers in accordance with the terms of their current support agreements. More information can be found on www.iNiche.com or through support@iNiche.com |
|
| Juniper Networks | |
|
Juniper Networks products are susceptible to this vulnerability. Customers
should contact Juniper Networks Technical Assistance Center for availability and
download instructions. Additional information is posted on our web site at https://www.juniper.net/support. |
|
| Lucent Technologies | |
| Lucent Technologies is aware of this vulnerability advisory and is investigating any potential impact to its product portfolio. As further information becomes available, Lucent will provide information directly to its customers, if appropriate. | |
| Mitel Networks | |
| Mitel is aware of the vulnerability and is working with the vendors of our underlying networking software to assess the impact and, if necessary, determine potential solutions. When more information becomes available, an advisory will be issued. Please contact 'security@mitel.com' if you have specific questions. | |
| MRLG | |
| A new version of the Multi-Router Looking Glass tool (4.3.0) has been released. This includes a patch that prevents a remote user from utilising the "sh ip bgp neighbors" functionality. This new version is available from ftp://ftp.enterzone.net/looking-glass/CURRENT/. | |
| NEC | |
| NEC is aware of this vulnerability and is trying to determine potential impacts on our products. | |
| Nortel Networks | |
| Nortel Networks has evaluated this issue and testing has confirmed that it
is possible to successfully exploit this vulnerability. However, the
preconditions for a successful exploitation require levels of access to the
network that are unlikely to be achieved in a normal network operating
environment; furthermore, such levels of access would enable other forms of
attack with much greater impact than that achievable by exploiting this
vulnerability. Nortel Networks is continuing to validate that this vulnerability has no serious consequences for Nortel equipment, and will update this statement periodically. |
|
| Polycom | |
|
Polycom has investigated the potential
impact to our products for NISCC Advisory 236929. Specific product information will be provided at http://www.polycom.com/securitycenter. |
|
| Secure Computing Corporation | |
| The Sidewinder and Sidewinder G2 firewalls offer protection against this attack at all releases. As application-layer firewalls, Sidewinder and Sidewinder G2 offer protection to systems behind the firewall as well as protecting management connections to the firewall. | |
| Yamaha | |
| Pending. |
Acknowledgements
NISCC wishes to thank the following:
| \x95 | Steve Bellovin, Rob Thomas and Paul Watson for their contributions to this advisory. |
| \x95 | Cisco Systems Inc. and Juniper Networks Inc. for their help with the content of this advisory and for their support during the disclosure process. |
| \x95 | JPCERT/CC for their assistance in co-ordinating this disclosure in Japan. |
References
| Internet Engineering Task Force | |||
| RFC 793 Transmission Control Protocol | |||
| http://www.ietf.org/rfc/rfc793.txt | |||
| RFC 1323 TCP Extensions for High Performance | |||
| http://www.ietf.org/rfc/rfc1323.txt | |||
| RFC 1771 A Border Gateway Protocol 4 (BGP-4) | |||
| http://www.ietf.org/rfc/rfc1771.txt | |||
| RFC 2385 Protection of BGP Sessions via the TCP MD5 Signature Option | |||
| http://www.ietf.org/rfc/rfc2385.txt | |||
| RFC 2827 Network Ingress Filtering | |||
| http://www.ietf.org/rfc/rfc2827.txt | |||
| RFC 3562 Considerations for the TCP MD5 Signature Option | |||
| http://www.ietf.org/rfc/rfc3562.txt | |||
| RFC 3682 Generalized TTL Security Mechanism | |||
| http://www.ietf.org/rfc/rfc3682.txt | |||
| Internet Draft - Transmission Control Protocol security considerations | |||
| http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt | |||
| NISCC | |||
| Best Practice Guidelines - Border Gateway Protocol | |||
| http://www.niscc.gov.uk/BGP Filtering Guide.pdf | |||
| Configuration and Tuning Guides | |||
| Secure BGP Template for Cisco IOS | |||
| http://www.cymru.com/Documents/secure-bgp-template.html | |||
| JUNOS Secure BGP Template | |||
| http://www.qorbit.net/documents/junos-bgp-template.pdf | |||
| UNIX IP Stack Tuning Guide | |||
| http://www.cymru.com/Documents/ip-stack-tuning.html | |||
| Other Documents | |||
| SANS discussion on egress filtering | |||
| http://www.sans.org/y2k/egress.htm | |||
| Vulnerability Databases | |||
| Common Vulnerabilities and Exposures (CVE) | |||
| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230 | |||
| Open Source Vulnerability Database (OSVDB) | |||
| http://www.osvdb.org/displayvuln.php?osvdb_id=4030 |
Contact Information
The NISCC Vulnerability Management Team can be contacted as follows:
| vulteam@niscc.gov.uk
(Please quote the advisory reference in the subject line.) |
|
| Telephone | +44 (0)20 7821 1330 Extension 4511
(Monday to Friday 08:30 - 17:00) |
| Fax | +44 (0)20 7821 1686 |
| Post | Vulnerability Management Team NISCC PO Box 832 London SW1P 1BG |
We encourage those who wish to communicate via email to make use of our PGP key. This is available from http://www.uniras.gov.uk/UNIRAS.asc.
Please note that UK government protectively marked material should not be sent to the email address above.
If you wish to be added to our email distribution list, please email your request to uniras@niscc.gov.uk.
What is NISCC?
For further information regarding the UK National Infrastructure Security Co-Ordination Centre, please visit the NISCC web site at:
http://www.niscc.gov.uk/aboutniscc/index.htm
Reference to any specific commercial product, process or service by trade name, trademark manufacturer or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by NISCC. The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes.
Neither shall NISCC accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this notice.
\xa9 2004 Crown Copyright
Revision History
| April 20, 2004: | Initial release (1.0) |
| April 21, 2004: | Corrected hyperlinks (1.1) |
| Inserted impact statement for Cisco (1.1) | |
| Inserted impact statement for Mitel (1.1) | |
| Inserted MRLG patch reference (1.2) | |
| April 22, 2004: | Revised impact statement for Certicom (1.3) |
| Inserted impact statement for Nortel Networks (1.3) | |
| Inserted impact statement for Secure Computing Corporation (1.3) | |
| Inserted references section (1.4) | |
| Inserted impact statement for Lucent Technologies (1.4) |
<End of NISCC Vulnerability Advisory>
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-14:19.tcp Security Advisory The FreeBSD Project
Topic: Denial of Service in TCP packet processing
Category: core Module: inet Announced: 2014-09-16 Credits: Jonathan Looney (Juniper SIRT) Affects: All supported versions of FreeBSD. Corrected: 2014-09-16 09:48:35UTC (stable/10, 10.1-PRERELEASE) 2014-09-16 09:48:35 UTC (stable/10, 10.1-BETA1-p1) 2014-09-16 09:50:19 UTC (releng/10.0, 10.0-RELEASE-p9) 2014-09-16 09:49:11 UTC (stable/9, 9.3-STABLE) 2014-09-16 09:50:19 UTC (releng/9.3, 9.3-RELEASE-p2) 2014-09-16 09:50:19 UTC (releng/9.2, 9.2-RELEASE-p12) 2014-09-16 09:50:19 UTC (releng/9.1, 9.1-RELEASE-p19) 2014-09-16 09:49:11 UTC (stable/8, 8.4-STABLE) 2014-09-16 09:50:19 UTC (releng/8.4, 8.4-RELEASE-p16) CVE Name: CVE-2004-0230
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . New TCP connections are initiated using special SYN flag in a datagram. Sequencing of data is controlled by 32-bit sequence numbers, that start with a random value and are increased using modulo 232 arithmetic. In case one of the two port numbers is unknown, a successful attack requires less than 217 packets spoofed, which can be generated within less than a second on a decent connection to the Internet. Workaround
It is possible to defend against these attacks with stateful traffic inspection using a firewall. This can be done by enabling pf(4) on the system and creating states for every connection. Even a default ruleset to allow all traffic would be sufficient to mitigate this issue.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch
fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch.asc
gpg --verify tcp.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile your kernel as described in and reboot the system.
3) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r271668 releng/8.4/ r271669 stable/9/ r271668 releng/9.1/ r271669 releng/9.2/ r271669 releng/9.3/ r271669 stable/10/ r271667 releng/10.0/ r271669
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200408-0145",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "catalyst csx",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "60005.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "11"
},
{
"model": "solaris",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.6.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "unixware",
"scope": "eq",
"trust": 1.6,
"vendor": "xinuos",
"version": "7.1.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 1.6,
"vendor": "xinuos",
"version": "7.1.3"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "nexland isb soho firewall appliance",
"scope": null,
"trust": 1.1,
"vendor": "symantec",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "wan manager",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "vg248 analog phone gateway",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "traffic director",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "rtm",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "lightstream",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "1010"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "element management framework",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "content router",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "4450"
},
{
"model": "content router",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "4430"
},
{
"model": "content engine",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "560"
},
{
"model": "content engine",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "507"
},
{
"model": "channel port adapter",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "channel interface processor",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "access registrar",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "9.2.0"
},
{
"model": "openpgp",
"scope": "eq",
"trust": 1.0,
"vendor": "openpgp",
"version": "2.6.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "*"
},
{
"model": "network data loss prevention",
"scope": "lte",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.6"
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "openserver",
"scope": "eq",
"trust": 1.0,
"vendor": "xinuos",
"version": "5.0.6"
},
{
"model": "openserver",
"scope": "eq",
"trust": 1.0,
"vendor": "xinuos",
"version": "5.0.7"
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "9.2.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "60006.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "60005.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "50006.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "40006.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "40005.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "ciscoworks voice manager",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "seil/turbo",
"scope": "lt",
"trust": 0.8,
"vendor": "internet initiative",
"version": "ver.1.19 earlier firmware"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "cisco 7600 for series )"
},
{
"model": "systems parallel channel port adapter",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "seil/neu",
"scope": "lt",
"trust": 0.8,
"vendor": "internet initiative",
"version": "t1 ver.1.90 earlier ver.1.x firmware"
},
{
"model": "sanrise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "9500v series"
},
{
"model": "catalyst 2900 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "2948g-ge-tx"
},
{
"model": "gateway security 300 series",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "ws-x6624-fxs",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "mgx 8230 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15500 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "ons 15531/15532 t31"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "interstage application server",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "5.0/5.1/6.0"
},
{
"model": "gateway security 400 series",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "content router",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "cr-4430-b"
},
{
"model": "mgx 8250 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "gateway security 5300 series",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "v1.0"
},
{
"model": "fasthub 400 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15800 series dwdm platforms",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "ons 15800/15801/15808"
},
{
"model": "provider-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r55)"
},
{
"model": "hp ethertwist switch",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "8110 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks for windows",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "microswitch",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1538/1548"
},
{
"model": "ws-x6608-e1",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ons 15830",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "t30 optical amplification system"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "windows server 2003",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "provider-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng fp3"
},
{
"model": "switchprobe",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "gateway security 5400 series",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "v2.x"
},
{
"model": "catalyst 2800 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "interstage security director",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v5.0l10/v5.0l20/v6.0l10"
},
{
"model": "bpx 8600 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "broadb network termination unit"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r55)"
},
{
"model": "rt series",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"model": "hp procurve routing switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "9300m series"
},
{
"model": "ip/tv",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "safegate",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "2.2.1"
},
{
"model": "me1100 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ix5000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "gs4000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ciscoworks host solution engine",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 3000 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng fp3"
},
{
"model": "catalyst 3900 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6608-t1",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "gr4000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "provider-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r54)"
},
{
"model": "ata 180 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "cx3200",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "mgx 8950 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "secure ids",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "(netranger) ids module"
},
{
"model": "ons 15400 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "ons 15454"
},
{
"model": "ons 15300 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "ons 15327"
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "fasthub 300 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "secure user registration tool",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "2fe"
},
{
"model": "content switching module",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "gr2000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "qx series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "seil/neu",
"scope": "lt",
"trust": 0.8,
"vendor": "internet initiative",
"version": "2fe plus ver.1.10 earlier firmware"
},
{
"model": "localdirector",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r54)"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98"
},
{
"model": "ons 15831",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "t31 dwdm system"
},
{
"model": "microhub",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "me"
},
{
"model": "sn 5400 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "( includes products other than routers tcp all products that implement )"
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "128"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "safegate",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v2.0l20a"
},
{
"model": "interstage security director",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v3.0l20/v4.0l10/v4.0l20"
},
{
"model": "catalyst 1900 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks device fault manager",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "mgx 8220 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "igx 8400 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "590 7320"
},
{
"model": "aironet 350 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "seil/neu",
"scope": "lt",
"trust": 0.8,
"vendor": "internet initiative",
"version": "t1 ver.2.22 earlier ver.2.x firmware"
},
{
"model": "ons 15100 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "ons 15190/15194"
},
{
"model": "internet cdn solution",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "univerge ip8800/s,/r series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "systems escon channel port adapter",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "100/200/200r"
},
{
"model": "hp advancestack switch",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "catalyst 4000 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 2820 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "(catalyst 6500"
},
{
"model": "aironet ap340 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "css 11000 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "css 11150"
},
{
"model": "ix5500 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "gs3000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "nexland pro series firewall appliance",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "1.5 model 1100/1200/1300"
},
{
"model": "interstage security director",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "4.0/4.1"
},
{
"model": "application and content networking system",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "secure access control server software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "for windows unix"
},
{
"model": "vg248",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "catalyst 1200 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "global site selector",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "mds 9000 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "catalyst 5000 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "info center",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "css 11000 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "(arrowpoint)"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "content distribution manager",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 6000 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4630 4650"
},
{
"model": "css 11500 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "seil/neu",
"scope": "lt",
"trust": 0.8,
"vendor": "internet initiative",
"version": "atm ver.1.36 earlier firmware"
},
{
"model": "css 11000 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "css 11050"
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "505 570"
},
{
"model": "ons 15832",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "t31 dwdm system"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98 scd"
},
{
"model": "intelligent contact management",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unity",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "server"
},
{
"model": "vpn 3000 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "css 11000 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "css 11800"
},
{
"model": "mgx 8850 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "hp procurve switch",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "interstage security director",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v6.0l10"
},
{
"model": "tru64 f pk8",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "50005.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "50004.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "40005.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "40005.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "css11500 content services switch s",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "13001.5"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12001.5"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11001.5"
},
{
"model": "nexland pro800turbo firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro800 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro400 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro100 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0.1"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "53101.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "53001.0"
},
{
"model": "gateway security 460r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "460"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "440"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4200"
},
{
"model": "gateway security 360r build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.1415"
},
{
"model": "gateway security 360r build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.1300"
},
{
"model": "gateway security 360r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "360"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "320"
},
{
"model": "firewall/vpn appliance 200r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "200"
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "100"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.25"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.24"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.23"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "turbo",
"scope": "eq",
"trust": 0.3,
"vendor": "seil",
"version": "1.18"
},
{
"model": "neu t1",
"scope": "eq",
"trust": 0.3,
"vendor": "seil",
"version": "2.21"
},
{
"model": "neu t1",
"scope": "eq",
"trust": 0.3,
"vendor": "seil",
"version": "1.89"
},
{
"model": "neu atm",
"scope": "eq",
"trust": 0.3,
"vendor": "seil",
"version": "1.35"
},
{
"model": "neu 2fe plus",
"scope": "eq",
"trust": 0.3,
"vendor": "seil",
"version": "1.9"
},
{
"model": "neu 2fe",
"scope": "eq",
"trust": 0.3,
"vendor": "seil",
"version": "2.21"
},
{
"model": "neu 2fe",
"scope": "eq",
"trust": 0.3,
"vendor": "seil",
"version": "1.89"
},
{
"model": "neu",
"scope": "eq",
"trust": 0.3,
"vendor": "seil",
"version": "1282.21"
},
{
"model": "neu",
"scope": "eq",
"trust": 0.3,
"vendor": "seil",
"version": "1281.89"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.1"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "5.0"
},
{
"model": "screenos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.3"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.3"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.3"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.3"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.3"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.2"
},
{
"model": "screenos r9",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r10",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0.1"
},
{
"model": "screenos r9",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r12",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r10",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos -dial",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "4.0"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1.1"
},
{
"model": "screenos r9",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r12",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r10",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos r1.1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.3"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.2"
},
{
"model": "screenos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.1"
},
{
"model": "screenos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.1"
},
{
"model": "screenos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.1"
},
{
"model": "screenos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.1"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.1"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.1"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.1"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.1"
},
{
"model": "screenos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0"
},
{
"model": "screenos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.10"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.10"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.8"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.8"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.7.1"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.7.1"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.7.1"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.7.1"
},
{
"model": "screenos r9",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r12",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r10",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6"
},
{
"model": "screenos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.5"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.5"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.5"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.5"
},
{
"model": "screenos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.1"
},
{
"model": "screenos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.1"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.1"
},
{
"model": "screenos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.0.1"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "1.73"
},
{
"model": "screenos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "1.73"
},
{
"model": "screenos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "1.66"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "1.66"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "1.64"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp embedded sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp embedded",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.1"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.0"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "8.6"
},
{
"model": "t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "e-series router",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "nichestack",
"scope": "eq",
"trust": 0.3,
"vendor": "interniche",
"version": "2.0"
},
{
"model": "nichelite",
"scope": "eq",
"trust": 0.3,
"vendor": "interniche",
"version": "2.0"
},
{
"model": "rfc tcp",
"scope": "eq",
"trust": 0.3,
"vendor": "ietf",
"version": "793:"
},
{
"model": "rfc tcp extensions for high performance",
"scope": "eq",
"trust": 0.3,
"vendor": "ietf",
"version": "1323:"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "tru64 b-2 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "tru64 b pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "tru64 b pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "tru64 a pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "tru64 g pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "procurve switch 9315m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 9308m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 9304m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 8000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5372xl j4848a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5348xl j4849a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5308xl j4819a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5304xl j4850a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl-bundle",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl j4865a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4000m j4121a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2525"
},
{
"model": "procurve switch j4813a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2524"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2524"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2512"
},
{
"model": "procurve switch 2424m j4093a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 2424m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 2400m j4122a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 2400m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 1600m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ethertwist",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "advancestack switch 800t j3245a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "advancestack 10base-t switching hub j3210a a.03.07",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "advancestack 10base-t switching hub j3205a a.03.07",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "advancestack 10base-t switching hub j3204a a.03.07",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "advancestack 10base-t switching hub j3203a a.03.07",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "advancestack 10base-t switching hub j3202a a.03.07",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "advancestack 10base-t switching hub j3201a a.03.07",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "advancestack 10base-t switching hub j3200a a.03.07",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-beta3-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-beta1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2-"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p18",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"model": "8.3-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.3-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.3-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.3-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.3-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.3-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.3-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.3"
},
{
"model": "8.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.2-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.2-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.2-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "release -p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2-"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2"
},
{
"model": "8.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.1-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.1-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.1-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.1"
},
{
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"model": "8-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "unicos/mp",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "2.3"
},
{
"model": "unicos/mp",
"scope": null,
"trust": 0.3,
"vendor": "cray",
"version": null
},
{
"model": "unicos/mk",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "2.0.5.54"
},
{
"model": "unicos/mk",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "1.5.1"
},
{
"model": "unicos/mk",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "1.5"
},
{
"model": "unicos max",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "1.3.5"
},
{
"model": "unicos max",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "1.3"
},
{
"model": "unicos",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "9.2.4"
},
{
"model": "unicos",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "9.2"
},
{
"model": "unicos",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "9.0.2.5"
},
{
"model": "unicos",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "9.0"
},
{
"model": "unicos",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "8.3"
},
{
"model": "unicos",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "8.0"
},
{
"model": "unicos",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "7.0"
},
{
"model": "unicos",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "6.1"
},
{
"model": "unicos e",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "6.0"
},
{
"model": "unicos",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "6.0"
},
{
"model": "ws-x6624",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6608",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wireless lan solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wireless lan solution appliance",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wgb340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5008"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5002"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001"
},
{
"model": "voice manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "user registration tool vlan policy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.46"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "unity server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.7"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "sn5400 series storage routers",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1.3"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(7)"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(5)"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(4)"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(3)"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(2)"
},
{
"model": "secure pix firewall",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure intrusion detection system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3.109)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3.102)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(1)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2.111"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(3.100)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(3)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(1)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.4"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(5)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(4)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(3)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(1)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.4"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(4.101)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(4)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(1)"
},
{
"model": "parallel channel port adapter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons t31 submarine wdm system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15863"
},
{
"model": "ons t31 dwdm system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15832"
},
{
"model": "ons t31 dwdm system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15831"
},
{
"model": "ons t30 optical amplification system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15830"
},
{
"model": "ons dense wave division mux platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15808"
},
{
"model": "ons dense wave division mux platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15801"
},
{
"model": "ons dense wave division mux platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15800"
},
{
"model": "ons t31 omds metro wdm system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15532"
},
{
"model": "ons t31 omds metro wdm system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15531"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(3)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.4"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.3"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.2"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.0"
},
{
"model": "ons ip transport concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15194"
},
{
"model": "ons ip transport concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15190"
},
{
"model": "microswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1548"
},
{
"model": "microswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1538"
},
{
"model": "microhub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1500"
},
{
"model": "mgx-8850 r2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8260",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8240",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8220",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx pxm1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8850-1.2.11"
},
{
"model": "mgx pxm1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8850-1.2.10"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8850"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8830"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.11"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.10"
},
{
"model": "mgx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "me1100",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "local director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "lightstream atm switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "100"
},
{
"model": "ip/tv server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7960"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7940"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ios 12.3xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ze",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2za",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ys",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yo",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2se",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ja",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2cx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1xv"
},
{
"model": "ios 12.1xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ey",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ex",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ev",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1eu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1eo",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1eb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ea",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ay",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ax",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0xv"
},
{
"model": "ios 12.0xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2sa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2p",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1cc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "intelligent contact manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "intelligent contact manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "infocenter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "igx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8400"
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3"
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "fasthub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4001.0"
},
{
"model": "fasthub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "escon channel port adapter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "device fault manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css11800 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css11150 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css11050 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "csm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cr-4430-b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.1"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73203.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73202.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5903.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5902.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5603.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5602.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5073.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5072.2.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "ciscoworks windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "catalyst series ssl services module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6500"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.6(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.1(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.3(4)"
},
{
"model": "catalyst pan",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.3"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2(0.111)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2(0.110)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.1(2.13)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(13)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4"
},
{
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60003.1"
},
{
"model": "catalyst ws-svc-nam-2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60003.1"
},
{
"model": "catalyst ws-svc-nam-1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60003.1"
},
{
"model": "catalyst ws-svc-nam-2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.2"
},
{
"model": "catalyst ws-svc-nam-1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.2"
},
{
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.3(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(13)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(9)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(8)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(5)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(12)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(11)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(10)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.6(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.3.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.3(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(13)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(5)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(9)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(8)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(5)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(10)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3900"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "catalyst supervisor software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.4.401"
},
{
"model": "catalyst supervisor software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.1.1102"
},
{
"model": "catalyst supervisor software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.1.6"
},
{
"model": "catalyst supervisor software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.1.502"
},
{
"model": "catalyst supervisor software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.1.501"
},
{
"model": "catalyst supervisor software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.1.5"
},
{
"model": "catalyst supervisor software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx1.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2950"
},
{
"model": "catalyst 2948g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 2948g-ge-tx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 2948g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2920"
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "catalyst lre xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "catalyst xu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "290012.0"
},
{
"model": "catalyst sa6",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "290011.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29006.1(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29006.1(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29005.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29005.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29004.5(12)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29004.5(11)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2820"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1200"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5704.1"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5704.0"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5703.0"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5702.2.0"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "570"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5054.1"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5054.0"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5053.0"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5052.2.0"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "505"
},
{
"model": "br350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bpx/igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bpx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8600"
},
{
"model": "bpx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ap350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ap340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wan switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8950"
},
{
"model": "broadband network termination unit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8110"
},
{
"model": "point software vpn-1 vsx ng with application intelligence",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software vpn-1 next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software vpn-1 next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software vpn-1 next generation fp0",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software vpn-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp5a",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform ng fp2 edition",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "2"
},
{
"model": "point software secureplatform ng fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform ng fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform ng",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 vsx ng with application intelligence",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 next generation fp0",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 gx",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "2.0"
},
{
"model": "point software firewall-1 [ vpn des ]",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "+4.1"
},
{
"model": "point software firewall-1 [ vpn des strong ] sp2 build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141716"
},
{
"model": "point software firewall-1 [ vpn des strong ] build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141439"
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5a",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "3.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.1.2"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.1"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.0"
},
{
"model": "coat systems security gateway os sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.5001"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.10"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.9"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.0"
},
{
"model": "coat systems cacheos ca/sa",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.12"
},
{
"model": "coat systems cacheos ca/sa",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.10"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "intuity audix r5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "cms r17 r3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "cms r16 r6",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "cms r16 r5",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "cms r16",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.2"
},
{
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"model": "network data loss prevention",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.2-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p19",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p16",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-prerelease",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-beta1-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-release-p9",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3080"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3060"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3030"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3015"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30054.0.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30054.0"
},
{
"model": "vpn concentrator f",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator d",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator c",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.5"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.3"
},
{
"model": "vpn hardware client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3002"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0.x"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0"
},
{
"model": "vpn concentrator d",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.7"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.7"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.5"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.4"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.3"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.2"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "pix firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.3(133)"
},
{
"model": "pix firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3(110)"
},
{
"model": "pix firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.5(104)"
},
{
"model": "ons optical transport platform",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.14"
},
{
"model": "mds",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(6)"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(4)"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(2)"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(1)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(6)"
},
{
"model": "ios 12.2ja",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(23)"
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(28)"
},
{
"model": "ios 12.0 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fwsm for cisco catalyst series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6500/76001.1(3.17)"
},
{
"model": "fwsm for cisco catalyst series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6500/7600"
},
{
"model": "css11500 content services switch s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "catalyst series ssl services module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "65002.1(2)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "28209.00.07"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "19009.00.07"
},
{
"model": "cms r17 r4",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "cms r16.3 r7",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "BID",
"id": "10183"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000150"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-159"
},
{
"db": "NVD",
"id": "CVE-2004-0230"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openpgp:openpgp:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:xinuos:openserver:5.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xinuos:openserver:5.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:xinuos:unixware:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xinuos:unixware:7.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0230"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to Paul A. Watson.",
"sources": [
{
"db": "BID",
"id": "10183"
}
],
"trust": 0.3
},
"cve": "CVE-2004-0230",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2004-0230",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-8660",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0230",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#415294",
"trust": 0.8,
"value": "12.90"
},
{
"author": "CNNVD",
"id": "CNNVD-200408-159",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-8660",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2004-0230",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "VULHUB",
"id": "VHN-8660"
},
{
"db": "VULMON",
"id": "CVE-2004-0230"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000150"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-159"
},
{
"db": "NVD",
"id": "CVE-2004-0230"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. TCP Has a sequence number TCP There is a problem that it is justified if it is within the window. Therefore, there is a vulnerability that makes it easy to guess the external sequence number when establishing a long-term connection that increases the window size. Note that products affected by this vulnerability TCP Covers many products with implementation. For more information, NISCC-236929 (JVN) , NISCC Advisory 236929 (CPNI Advisory 00391) Please check also.A third party TCP By predicting the sequence number of a particular TCP Service operation interruption such as forcibly terminating a connection (DoS) There is a possibility of being attacked. A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequence numbers. This will permit a remote attacker to inject a SYN or RST packet into the session, causing it to be reset and effectively allowing denial-of-service attacks. An attacker would exploit this issue by sending a packet to a receiving implementation with an approximated sequence number and a forged source IP and TCP port. \nFew factors may present viable target implementations, such as imlementations that:\n- depend on long-lived TCP connections\n- have known or easily guessed IP address endpoints\n- have known or easily guessed TCP source ports. As a result, this issue is likely to affect a number of routing platforms. \nNote also that while a number of vendors have confirmed this issue in various products, investigations are ongoing and it is likely that many other vendors and products will turn out to be vulnerable as the issue is investigated further. \nOther consequences may also result from this issue, such as injecting specific data in TCP sessions, but this has not been confirmed. \n**Update: Microsoft platforms are also reported prone to this vulnerability. Vendor reports indicate that an attacker will require knowledge of the IP address and port numbers of the source and destination of an existent legitimate TCP connection in order to exploit this vulnerability on Microsoft platforms. The following products and versions are affected: Oracle Solaris 10, 11; Openpgp 2.6.2; Mcafee Network Data Loss Prevention 8.6 and earlier, 9.2.0, 9.2.1, 9.2.2; Netbsd 1.5, Version 1.5.1, Version 1.5.2, Version 1.5.3, Version 1.6, Version 1.6.1, Version 1.6.2, Version 2.0; Xinuos Openserver Version 5.0.6, Version 5.0.7; Juniper Networks Junos OS; Xinuos Unixware Version 7.1.1, Version 7.1.3. \n\n----------------------------------------------------------------------\n\nWant a new IT Security job?\n\nVacant positions at Secunia:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nAvaya Intuity Audix TCP Connection Reset Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15263\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15263/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nAvaya Intuity Audix R5\nhttp://secunia.com/product/4586/\n\nDESCRIPTION:\nAvaya has acknowledged a vulnerability in Intuity Audix, which can be\nexploited by malicious people to reset established TCP connections on\na vulnerable system. \n\nFor more information:\nSA11440\n\nSOLUTION:\nA patch will reportedly be included in the next major release. \n\nORIGINAL ADVISORY:\nAvaya:\nhttp://support.avaya.com/elmodocs2/security/ASA-2005-097_SCASA-2005-14.pdf\n\nOTHER REFERENCES:\nSA11440:\nhttp://secunia.com/advisories/11440/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. Routing operations would recover quickly\n after such attacks ended. \n\nI. Description\n\n In 2001, the CERT Coordination Center released CA-2001-09, describing\n statistical weaknesses in various TCP/IP Initial Sequence generators. \n In that document (\u003chttp://www.cert.org/advisories/CA-2001-09.html\u003e),\n it was noted by Tim Newsham:\n\n [I]f a sequence number within the receive window is known, an\n attacker can inject data into the session stream or terminate the\n connection. If the ISN value is known and the number of bytes sent\n already sent is known, an attacker can send a simple packet to\n inject data or kill the session. \n\n Paul Watson has performed the statistical analysis of this attack\n when the ISN is not known and has pointed out that such an attack\n could be viable when specifically taking into account the TCP\n Window size. He has also created a proof-of-concept tool\n demonstrating the practicality of the attack. The National\n Infrastructure Security Co-Ordination Centre (NISCC) has published\n an advisory summarizing Paul Watson\u0027s analysis in \"NISCC\n Vulnerability Advisory 236929,\" available at\n \u003chttp://www.uniras.gov.uk/vuls/2004/236929/index.htm\u003e. \n\n Since TCP is an insecure protocol, it is possible to inject\n transport-layer packets into sessions between hosts given the right\n preconditions. For detailed information about BGP and\n some tips for securing it, please see Cisco System\u0027s documentation\n (\u003chttp://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm\u003e\n or Team Cymru (\u003chttp://www.cymru.com/\u003e). This may result in a brief\n loss of service until the fresh routing tables are created. When\n this is taken into account, instead of attempting to send a spoofed\n packet with all potential sequence numbers, the attacker would only\n need to calculate an valid sequence number that falls within the next\n expected ISN plus or minus half the window size. According to Paul Watson\u0027s report,\n with a typical xDSL data connection (80 Kbps, upstream) capable of\n sending of 250 packets per second (pps) to a session with a TCP Window\n size of 65,535 bytes, it would be possible to inject a TCP packet\n approximately every 5 minutes. It would take approximately 15 seconds\n with a T-1 (1.544 Mbps) connection. These numbers are significant when\n large numbers of compromised machines (often called \"botnets\" or\n \"zombies\") can be used to generate large amounts of packets that can\n be directed at a particular host. \n\n To protect against such injections, RFC 2385 provides a method of\n using MD5 signatures on the TCP Headers. If this form of verification\n is supported and enabled between two peers, then an attacker would\n have to obtain the key used to transmit the packet in order to\n successfully inject a packet into the TCP session. Another alternative\n would be to tunnel BGP over IPSec. Again, this would provide a form of\n authentication between the BGP peers and the data that they transmit. \n The lack of authentication when using TCP for BGP makes this type of\n attack more viable. \n\n US-CERT is tracking this issue as VU#415294. This reference number\n corresponds to CVE candidate CAN-2004-0230. NISCC is tracking this\n issue as Advisory 236929. \n\nII. Impacts could range from data corruption or session\n hijacking to a denial-of-service condition. \n\nIII. Solution\n\nApply a patch from your vendor\n\n Please see you vendor\u0027s statement regarding the availability of\n patches, updates and mitigation strategies. The lack of cryptographically-strong\n security options for the TCP header itself is a deficiency that\n technologies like IPSec try to address. It must be noted that in the\n final analysis that if an attacker has the ability to see unencrypted\n TCP traffic generated from a site, that site is vulnerable to various\n TCP attacks - not just those mentioned here. A stronger measure that\n would aid in protecting against such TCP attacks is end-to-end\n cryptographic solutions like those outlined in various IPSec\n documents. \n\n The key idea with an end-to-end cryptographic solution is that there\n is some secure verification that a given packet belongs in a\n particular stream. However, the communications layer at which this\n cryptography is implemented will determine its effectiveness in\n repelling ISN based attacks. Solutions that operate above the\n Transport Layer (OSI Layer 4), such as SSL/TLS and SSH1/SSH2, only\n prevent arbitrary packets from being inserted into a session. They are\n unable to prevent a connection reset (denial of service) since the\n connection handling will be done by a lower level protocol (i.e.,\n TCP). On the other hand, Network Layer (OSI Layer 3) cryptographic\n solutions such as IPSec prevent both arbitrary packets entering a\n transport-layer stream and connection resets because connection\n management is directly integrated into the secure Network Layer\n security model. \n\n The solutions presented above have the desirable attribute of not\n requiring any changes to the TCP protocol or implementations to be\n made. RFC2385 (\"Protection of BGP Sessions via the TCP MD5\n Signature Option\") and other technologies provide options for adding\n cryptographic protection within the TCP header at the cost of some\n potential denial of service, interoperability, and performance issues. \n\nIngress filtering\n\n Ingress filtering manages the flow of traffic as it enters a network\n under your administrative control. You can configure your BGP routers\n to only accept packets on a specific network connection. Servers are\n typically the only machines that need to accept inbound connections\n from the public Internet. In the network usage policy of many sites,\n there are few reasons for external hosts to initiate inbound\n connections to machines that provide no public services. Thus, ingress\n filtering should be performed at the border to prohibit externally\n initiated inbound connections to non-authorized services. In this\n fashion, the effectiveness of many intruder scanning techniques can be\n dramatically reduced. \n\nNetwork Isolation\n\n Complex networks can benefit by separating data channels and control\n channels, such as BGP, into different logical or physical networks. \n Technologies such as VLANs, VPNs, leased links, NAT may all be able to\n contribute to separating the tranmission of control information from\n the transmission of the data stream. \n\nEgress filtering\n\n Egress filtering manages the flow of traffic as it leaves a network\n under your administrative control. There is typically limited need for\n machines providing public services to initiate outbound connections to\n the Internet. \n\n In the case of BGP, only your BGP routers should be establishing\n connections to your peers. Other BGP traffic generated on your network\n could be a sign of an attempted attack. \n\nAppendix A. As\n vendors report new information to US-CERT, we will update the\n vulnerability note. If a particular vendor is not listed in either the\n NISCC advisory, or the vulnerability, we recommend that you contact\n them for their comments. \n _________________________________________________________________\n\n US-CERT thanks Paul Watson, Cisco Systems and NISCC for notifying us\n about this problem and for helping us to construct this advisory. \n _________________________________________________________________\n\n Feedback can be directed to the US-CERT Technical Staff. \n _________________________________________________________________\n\n Copyright 2004 Carnegie Mellon University. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory:\\xa0TCP Vulnerabilities in Multiple IOS-Based Cisco\nProducts\n\nRevision 1.0\n\nFor Public Release 2004 April 20 21:00 UTC (GMT)\n\n- -------------------------------------------------------------------------\nSummary\n=======\nA vulnerability in the Transmission Control Protocol (TCP) specification\n(RFC793) has been discovered by an external researcher. The successful\nexploitation enables an adversary to reset any established TCP connection\nin a much shorter time than was previously discussed publicly. Depending\non the application, the connection may get automatically re-established. \nIn other cases, a user will have to repeat the action (for example, open\na new Telnet or SSH session). Depending upon the attacked protocol, a\nsuccessful attack may have additional consequences beyond terminated\nconnection which must be considered. This attack vector is only\napplicable to the sessions which are terminating on a device (such as a\nrouter, switch, or computer) and not to the sessions that are only\npassing through the device (for example, transit traffic that is being\nrouted by a router). In addition, this attack vector does not directly\ncompromise data integrity or confidentiality. \n\nThis advisory is available at \nhttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, \nand it describes this vulnerability as it applies to Cisco products that \nrun Cisco IOS\\xae software. \n\nA companion advisory that describes this vulnerability for products that\ndo not run Cisco IOS software is available at \nhttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml. The severity of the exposure\ndepends upon the protocols and applications that utilize TCP. \n\nThis attack vector is only applicable to the sessions which are\nterminating on a device (such as a router, switch, or computer), and not\nto the sessions that are only passing through the device (for example,\ntransit traffic that is being routed by a router). \n\nDetails\n=======\nTCP is the transport layer protocol designed to provide\nconnection-oriented reliable delivery of a data stream. To accomplish\nthis, TCP uses a mixture of flags to indicate state and sequence numbers\nto identify the order in which the packets are to be reassembled. The acknowledgement number is not used in a packet with the\nreset (RST) flag set because a reset does not expect a packet in return. \nThe full specification of the TCP protocol can be found at \nhttp://www.ietf.org/rfc/rfc0793.txt. \n\nAccording to the RFC793 specification, it is possible to reset an\nestablished TCP connection by sending a packet with the RST or\nsynchronize (SYN) flag set. However, the sequence number does not\nhave to be an exact match; it is sufficient to fall within the advertised\nwindow. This significantly decreases the effort required by an adversary:\nthe larger the window, the easier it is to reset the connection. The destination TCP port is usually\nknown for all standard services (for example, 23 for Telnet, 80 for\nHTTP). Cisco IOS software uses predictable ephemeral ports for known\nservices with a predictable increment (the next port which will be used\nfor a subsequent connection). These values, while constant for a\nparticular Cisco IOS software version and protocol, can vary from one\nrelease to another. \n\nHere is an example of a normal termination of a TCP session:\n \n \n Host(1) Host(2)\n | |\n | |\n | ACK ack=1001, window=5000 |\n |\u003c----------------------------|\n | |\n \n \n \n Host(1) is\n \n closing the session\n \n \n \n | RST seq=1001 |\n |----------------------------\u003e|\n | |\n \n \n \n Host(2) is\n \n closing the session\n \n \nIn addition, the following scenario is also permitted:\n \n \n Host(1) Host(2)\n | |\n | |\n | ACK ack=1001, window=5000 |\n |\u003c----------------------------|\n | |\n \n \n \n Host(1) is\n \n closing the session\n \n \n \n | RST seq=4321 |\n |----------------------------\u003e|\n | |\n \n \n \n Host(2) is\n \n closing the session\n \n \nNote how, in the second example, the RST packet was able to terminate the\nsession although the sequence number was not the next expected one (which\nis 1001). \n\nAs a general rule, all protocols where a TCP connection stays established\nfor longer than one minute should be considered exposed. \n\nThe exposure on this vulnerability can be described as follows:\n \n \n * Cisco IOS - All devices running Cisco IOS software are vulnerable. Sessions passing through the device are vulnerable only if\n the originating or receiving device is vulnerable, but they cannot be\n attacked on the router itself. This vulnerability does not compromise\n data integrity or confidentiality. It only affects availability. \n \n This vulnerability is documented in the Cisco Bug Toolkit as Bug IDs \n CSCed27956 ( registered customers only) and CSCed38527 ( registered\n customers only) . \n \n \n * Cisco IOS Firewall (IOS FW) - The Cisco IOS FW monitors packets\n passing throughout the router and maintains the session state\n internally. This way, it is possible to \"open\" required ports and\n allow traffic to pass and then close them after the session has\n finished. Since Cisco IOS FW intercepts and examines all packets\n passing through the device, all TCP sessions passing through the\n Cisco IOS FW are vulnerable to this attack. This is valid even if the\n originating and receiving devices themselves are not vulnerable. \n \n This vulnerability is documented in the Cisco Bug Toolkit as Bug ID \n CSCed93836 ( registered customers only) . \n \n \n * Network Address Translation (NAT) - This vulnerability does not have\n any effect on NAT. The NAT functionality simply rewrites ports and IP\n addresses. This feature does not interprete TCP flags and therefore\n is not vulnerable to this attack. However, the attacking packet will\n be passed through the router and the receiving device can be\n affected. \n \n\nImpact\n======\nThe impact will be different for each specific protocol. While in the\nmajority of cases a TCP connection will be automatically re-established,\nin some specific protocols a second order of consequences may have a\nlarger impact than tearing down the connection itself. Both external and internal (eBGP and iBGP) sessions\nare equally vulnerable. If an adversary tears down a BGP session between\ntwo routers, then all routes which were advertised between these two\npeers will be withdrawn. This would occur immediately for the router\nwhich has been attacked and after the next update/keepalive packet is\nsent by the other router. The BGP peering session itself will be\nre-established within a minute after the attack. Depending upon the exact\nrouting configuration, withdrawal of the routes may have any of the\nfollowing consequences:\n \n \n * No adverse effects at all if an appropriate static route(s) has(have)\n been defined on both sides of the affected session. \n \n * The traffic will be rerouted along other paths. This may cause some\n congestion along these paths. \n \n * A portion of the network will be completely isolated and unreachable. \n \n\nIf a BGP peering session is broken a few times within a short time\ninterval, then BGP route dampening may be invoked. Dampening means that\naffected routes will be withdrawn from the Internet routing table for\nsome period of time. By default that time is 45 minutes. During that\ntime, all of the traffic whose route was advertised over the attacked BGP\nsession will either be rerouted or a portion of the network will be\nunreachable. Route dampening is not enabled by default. \n\nCisco IOS Firewall Feature Set\n- ------------------------------\nIt is possible to terminate an established TCP-based connection even if\nboth endpoints are not vulnerable to this attack. \n\nSoftware Versions and Fixes\n===========================\nEach row of the table describes a release train and the platforms or\nproducts for which it is intended. If a given release train is\nvulnerable, then the earliest possible releases that contain the fix and\nthe anticipated date of availability for each are listed in the Rebuild,\nInterim, and Maintenance columns. In some cases, no rebuild of a\nparticular release is planned; this is marked with the label \"Not\nscheduled.\" A device running any release in the given train that is\nearlier than the release in a specific column (less than the earliest\nfixed release) is known to be vulnerable, and it should be upgraded at\nleast to the indicated release or a later version (greater than the\nearliest fixed release label). \n\nWhen selecting a release, keep in mind the following definitions:\n \n \n * Maintenance\n Most heavily tested and highly recommended release of any label in a\n given row of the table. \n \n \n * Rebuild\n Constructed from the previous maintenance or major release in the\n same train, it contains the fix for a specific vulnerability. \n Although it receives less testing, it contains only the minimal\n changes necessary to effect the repair. Cisco has made available\n several rebuilds of mainline trains to address this vulnerability,\n but strongly recommends running only the latest maintenance release\n on mainline trains. \n \n \n * Interim\n Built at regular intervals between maintenance releases and receives\n less testing. Interims should be selected only if there is no other\n suitable release that addresses the vulnerability, and interim images\n should be upgraded to the next available maintenance release as soon\n as possible. Interim releases are not available through\n manufacturing, and usually they are not available for customer\n download from CCO without prior arrangement with the Cisco Technical\n Assistance Center (TAC). \n \n\nIn all cases, customers should exercise caution to be certain the devices\nto be upgraded contain sufficient memory and that current hardware and\nsoftware configurations will continue to be supported properly by the new\nrelease. If the information is not clear, contact the Cisco TAC for\nassistance, as shown in the section following this table. \n\nFixed Cisco IOS Software Images for Cisco IOS Firewall\n\n+------------+---------------------------------+\n| Major | Availability of Repaired |\n| Release | Releases* |\n+------------+---------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 12.1-Based | | ** | |\n| Release | | | |\n+------------+---------+---------+-------------+\n| 12.1 | 12.1 | | |\n| | (22c) | | |\n+------------+---------+---------+-------------+\n| 12.1E | 12.1 | | |\n| | (19)E7 | | |\n| +---------+---------+-------------+\n| | | | |\n+------------+---------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 12.2-Based | | ** | |\n| Release | | | |\n+------------+---------+---------+-------------+\n| 12.2 | 12.2 | | |\n| | (21b) | | |\n| +---------+---------+-------------+\n| | 12.2 | | |\n| | (23a) | | |\n+------------+---------+---------+-------------+\n| 12.2T | 12.2 | | |\n| | (11)T11 | | |\n| +---------+---------+-------------+\n| | 12.2 | | |\n| | (13)T12 | | |\n| +---------+---------+-------------+\n| | 12.2 | | |\n| | (15)T12 | | |\n+------------+---------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 12.3-Based | | ** | |\n| Release | | | |\n+------------+---------+---------+-------------+\n| 12.3 | 12.3 | | |\n| | (5c) | | |\n| +---------+---------+-------------+\n| | 12.3 | | |\n| | (6a) | | |\n+------------+---------+---------+-------------+\n| 12.3T | 12.3(4) | | |\n| | T4 | | |\n+------------+---------+---------+-------------+\n\nFixed Cisco IOS Software Releases and Migration Path\n\n+----------+-------------------------------------+\n| Major | Availability of Repaired Releases* |\n| Release | |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 11.1 | | ** | |\n| -Based | | | |\n| Release | | | |\n+----------+-------------+---------+-------------+\n| 11.1 | 11.1 Vulnerable. Migrate to 11.2 |\n+----------+-------------------------------------+\n| 11.1AA | 11.1AA Vulnerable. Migrate to 11.2P |\n+----------+-------------------------------------+\n| 11.1CC | 11.1CC Vulnerable. Migrate to 12.0 |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 11.2 | | ** | |\n| -Based | | | |\n| Release | | | |\n+----------+-------------+---------+-------------+\n| 11.2 | 11.2(26f) | | |\n| | Available | | |\n| | on | | |\n| | 2004-Apr-21 | | |\n+----------+-------------+---------+-------------+\n| 11.2P | 11.2(26)P6 | | |\n| | Available | | |\n| | on | | |\n| | 2004-Apr-21 | | |\n+----------+-------------+---------+-------------+\n| 11.2SA | 11.2(8)SA6 Vulnerable. Migrate to |\n| | 12.0 |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 11.3 | | ** | |\n| -Based | | | |\n| Release | | | |\n+----------+-------------+---------+-------------+\n| 11.3 | 11.3 Vulnerable. Migrate to 12.0 |\n| +-------------+---------+-------------+\n| | 11.3(11b)T4 | | |\n| | Available | | |\n| | on | | |\n| | 2004-Apr-21 | | |\n| +-------------+---------+-------------+\n| | 11.3(11e) | | |\n| | Available | | |\n| | on | | |\n| | 2004-Apr-21 | | |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 12.0 | | ** | |\n| -Based | | | |\n| Release | | | |\n+----------+-------------+---------+-------------+\n| 12.0 | 12.0(28) | | |\n+----------+-------------+---------+-------------+\n| 12.0DA | 12.0DA Vulnerable. Migrate to |\n| | 12.2DA |\n+----------+-------------------------------------+\n| 12.0DB | 12.0DB Vulnerable. Migrate to |\n| | 12.1DB |\n+----------+-------------------------------------+\n| 12.0DC | 12.0DC Vulnerable. Migrate to |\n| | 12.1DC |\n+----------+-------------+---------+-------------+\n| 12.0S | 12.0(27)S | | |\n| +-------------+---------+-------------+\n| | 12.0(26)S2 | | |\n| +-------------+---------+-------------+\n| | 12.0(16)S11 | | |\n| +-------------+---------+-------------+\n| | 12.0(24)S5 | | |\n| +-------------+---------+-------------+\n| | 12.0(25)S3 | | |\n| +-------------+---------+-------------+\n| | 12.0(23)S6 | | |\n+----------+-------------+---------+-------------+\n| 12.0SL | 12.0SL Vulnerable. Migrate to 12.0 |\n| | (23)S3 |\n+----------+-------------------------------------+\n| 12.0ST | 12.0ST Vulnerable. Migrate to 12.0 |\n| | (26)S2 |\n+----------+-------------------------------------+\n| 12.0SX | 12.0(25)SX4 Not built - contact TAC |\n+----------+-------------------------------------+\n| 12.0SZ | 12.0SZ Vulnerable. Migrate to 12.0 |\n| | (26)S2 |\n+----------+-------------------------------------+\n| 12.0T | 12.0T Vulnerable. Migrate to 12.1 |\n+----------+-------------+---------+-------------+\n| 12.0W5 | 12.0(28)W5 | | |\n| | (30) | | |\n+----------+-------------+---------+-------------+\n| 12.0WC | 12.0(5)WC9a | | |\n| | Available | | |\n| | on | | |\n| | 2004-Apr-21 | | |\n+----------+-------------+---------+-------------+\n| 12.0WT | 12.0(13)WT Vulnerable. End of |\n| | Engineering |\n+----------+-------------------------------------+\n| 12.0WX | 12.0(4)WX Vulnerable. Migrate to |\n| | 12.0W5 |\n+----------+-------------------------------------+\n| 12.0XA | 12.0(1)XA Vulnerable. Migrate to |\n| | 12.1 Latest |\n+----------+-------------------------------------+\n| 12.0XB | 12.0(1)XB Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.0XC | 12.0(2)XC Vulnerable. Migrate to |\n| | 12.1 Latest |\n+----------+-------------------------------------+\n| 12.0XD | 12.0(2)XD Vulnerable. Migrate to |\n| | 12.1 Latest |\n+----------+-------------------------------------+\n| 12.0XE | 12.0(7)XE Vulnerable. Migrate to |\n| | 12.1E Latest |\n+----------+-------------------------------------+\n| 12.0XG | 12.0(3)XG Vulnerable. Migrate to |\n| | 12.1 Latest |\n+----------+-------------------------------------+\n| 12.0XH | 12.0(4)XH Vulnerable. Migrate to |\n| | 12.1 |\n+----------+-------------------------------------+\n| 12.0XI | 12.0(4)XI Vulnerable. Migrate to |\n| | 12.1 |\n+----------+-------------------------------------+\n| 12.0XJ | 12.0(4)XJ Vulnerable. Migrate to |\n| | 12.1 Latest |\n+----------+-------------------------------------+\n| 12.0XK | 12.0(7)XK Vulnerable. Migrate to |\n| | 12.1T Latest |\n+----------+-------------------------------------+\n| 12.0XL | 12.0(4)XL Vulnerable. Migrate to |\n| | 12.2 Latest |\n+----------+-------------------------------------+\n| 12.0XM | 12.0(4)XM Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.0XN | 12.0(5)XN Vulnerable. Migrate to |\n| | 12.1 Latest |\n+----------+-------------------------------------+\n| 12.0XP | 12.0(5.1)XP Vulnerable. Migrate to |\n| | 12.1 Latest |\n+----------+-------------------------------------+\n| 12.0XQ | 12.0(5)XQ Vulnerable. Migrate to |\n| | 12.1 Latest |\n+----------+-------------------------------------+\n| 12.0XR | 12.0(7)XR Vulnerable. Migrate to |\n| | 12.2 Latest |\n+----------+-------------------------------------+\n| 12.0XS | 12.0(5)XS Vulnerable. Migrate to |\n| | 12.1E Latest |\n+----------+-------------------------------------+\n| 12.0XU | 12.0(5)XU Vulnerable. Migrate to |\n| | 12.0(5)WC |\n+----------+-------------------------------------+\n| 12.0XV | 12.0(7)XV Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 12.1 | | ** | |\n| -Based | | | |\n| Release | | | |\n+----------+-------------+---------+-------------+\n| 12.1 | 12.1(20a) | | |\n| +-------------+---------+-------------+\n| | 12.1(4c) | | |\n| +-------------+---------+-------------+\n| | 12.1(22a) | | |\n+----------+-------------+---------+-------------+\n| 12.1AA | 12.1(10)AA Vulnerable. Migrate to |\n| | 12.2 Latest |\n+----------+-------------+---------+-------------+\n| 12.1AX | 12.1(14)AX | | |\n+----------+-------------+---------+-------------+\n| 12.1AY | 12.1(13)AY Vulnerable. Migrate to |\n| | 12.1(14)EA1 |\n+----------+-------------------------------------+\n| 12.1DA | 12.2DA Vulnerable. Migrate to |\n| | 12.2DA |\n+----------+-------------------------------------+\n| 12.1DB | 12.1(5)DB Vulnerable. Migrate to |\n| | 12.2B |\n+----------+-------------+---------+-------------+\n| 12.1E | 12.1(19)E7 | | |\n| +-------------+---------+-------------+\n| | 12.1(22)E1 | | |\n| +-------------+---------+-------------+\n| | 12.1(11b) | | |\n| | E14 | | |\n| +-------------+---------+-------------+\n| | 12.1(20)E2 Not built - contact TAC |\n| +-------------+---------+-------------+\n| | 12.1(19)E6 | | |\n| +-------------+---------+-------------+\n| | 12.1(13)E13 | | |\n| +-------------+---------+-------------+\n| | 12.1(8b)E18 | | |\n| +-------------+---------+-------------+\n| | 12.1(14)E10 | | |\n| +-------------+---------+-------------+\n| | 12.1(13)E14 | | |\n+----------+-------------+---------+-------------+\n| 12.1EA | 12.1(20)EA1 | | |\n+----------+-------------+---------+-------------+\n| 12.1EB | 12.1(20)EB | | |\n+----------+-------------+---------+-------------+\n| 12.1EC | 12.1(20)EC | | |\n+----------+-------------+---------+-------------+\n| 12.1EO | 12.1(20)EO | | |\n| +-------------+---------+-------------+\n| | 12.1(19)EO2 | | |\n| | Available | | |\n| | on | | |\n| | 2004-Apr-25 | | |\n+----------+-------------+---------+-------------+\n| 12.1EU | 12.1(20)EU | | |\n+----------+-------------+---------+-------------+\n| 12.1EV | 12.1(12c)EV Vulnerable. Migrate to |\n| | 12.2(RLS4)S |\n+----------+-------------+---------+-------------+\n| 12.1EW | 12.1(20)EW2 | | |\n| | Available | | |\n| | on | | |\n| | 2004-Apr-21 | | |\n+----------+-------------+---------+-------------+\n| 12.1EX | 12.1EX Vulnerable. Migrate to 12.1 |\n| | (14)E |\n+----------+-------------------------------------+\n| 12.1EY | 12.1(10)EY Vulnerable. Migrate to |\n| | 12.1(14)E |\n+----------+-------------+---------+-------------+\n| 12.1T | 12.1(5)T17 | | |\n+----------+-------------+---------+-------------+\n| 12.1XA | 12.1(1)XA Vulnerable. Migrate to |\n| | 12.1(5)T18 |\n+----------+-------------------------------------+\n| 12.1XB | 12.1(1)XB Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.1XC | 12.1(1)XC Vulnerable. Migrate to |\n| | 12.2 |\n+----------+-------------------------------------+\n| 12.1XD | 12.1(1)XD Vulnerable. Migrate to |\n| | 12.2 |\n+----------+-------------------------------------+\n| 12.1XE | 12.1(1)XE Vulnerable. Migrate to |\n| | 12.1E Latest |\n+----------+-------------------------------------+\n| 12.1XF | 12.1(2)XF Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.1XG | 12.1(3)XG Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.1XH | 12.1(2a)XH Vulnerable. Migrate to |\n| | 12.2 |\n+----------+-------------------------------------+\n| 12.1XI | 12.1(3a)XI Vulnerable. Migrate to |\n| | 12.2 Latest |\n+----------+-------------------------------------+\n| 12.1XJ | 12.1(3)XJ Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.1XL | 12.1(3)XL Vulnerable. Migrate to |\n| | 12.2T Latest |\n+----------+-------------------------------------+\n| 12.1XM | 12.1(5)XM Vulnerable. Migrate to |\n| | 12.2T Latest |\n+----------+-------------------------------------+\n| 12.1XP | 12.1(3)XP Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.1XQ | 12.1(3)XQ Vulnerable. Migrate to |\n| | 12.2T Latest |\n+----------+-------------------------------------+\n| 12.1XR | 12.1(5)XR Vulnerable. Migrate to |\n| | 12.2T Latest |\n+----------+-------------------------------------+\n| 12.1XT | 12.1(3)XT Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.1XU | 12.1(5)XU Vulnerable. Migrate to |\n| | 12.2T Latest |\n+----------+-------------------------------------+\n| 12.1XV | 12.1(5)XV Vulnerable. Migrate to |\n| | 12.2XB |\n+----------+-------------------------------------+\n| 12.1YA | 12.1(5)YA Vulnerable. Migrate to |\n| | 12.2(8)T |\n+----------+-------------------------------------+\n| 12.1YB | 12.1(5)YB Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.1YC | 12.1(5)YC Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.1YD | 12.1(5)YD Vulnerable. Migrate to |\n| | 12.2(8)T |\n+----------+-------------------------------------+\n| 12.1YE | 12.1(5)YE5 Vulnerable. Migrate to |\n| | 12.2(2)YC |\n+----------+-------------------------------------+\n| 12.1YF | 12.1(5)YF2 Vulnerable. Migrate to |\n| | 12.2(2)YC |\n+----------+-------------------------------------+\n| 12.1YH | 12.1(5)YH2 Vulnerable. Migrate to |\n| | 12.2(13)T |\n+----------+-------------------------------------+\n| 12.1YI | 12.1(5)YI2 Vulnerable. Migrate to |\n| | 12.2(2)YC |\n+----------+-------------------------------------+\n| 12.1YJ | 12.1(11)YJ Vulnerable. Migrate to |\n| | 12.1EA Latest |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 12.2 | | ** | |\n| -Based | | | |\n| Release | | | |\n+----------+-------------+---------+-------------+\n| 12.2 | 12.2(19b) | | |\n| +-------------+---------+-------------+\n| | 12.2(16f) | | |\n| +-------------+---------+-------------+\n| | 12.2(21a) | | |\n| +-------------+---------+-------------+\n| | 12.2(23) | | |\n| +-------------+---------+-------------+\n| | 12.2(12i) | | |\n| +-------------+---------+-------------+\n| | 12.2(10g) | | |\n| +-------------+---------+-------------+\n| | 12.2(13e) | | |\n| +-------------+---------+-------------+\n| | 12.2(17d) | | |\n| +-------------+---------+-------------+\n| | 12.2(21b) | | |\n| +-------------+---------+-------------+\n| | 12.2(23a) | | |\n+----------+-------------+---------+-------------+\n| 12.2B | 12.2(2)B - 12.2(4)B7 Vulnerable. |\n| | Migrate to 12.2(13)T12 |\n| +-------------------------------------+\n| | 12.2(4)B8 AND FWD Vulnerable. |\n| | Migrate to 12.3(5a)B1 |\n+----------+-------------+---------+-------------+\n| 12.2BC | 12.2(15) | | |\n| | BC1C | | |\n+----------+-------------+---------+-------------+\n| 12.2BW | 12.2(4)BW Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------+---------+-------------+\n| 12.2BX | 12.2(16)BX2 | | |\n+----------+-------------+---------+-------------+\n| 12.2BY | 12.2(4)BY Vulnerable. Migrate to |\n| | 12.2(15)B |\n| +-------------------------------------+\n| | 12.2(8)BY Vulnerable. Migrate to |\n| | 12.2(8)ZB |\n| +-------------------------------------+\n| | 12.2(2)BY Vulnerable. Migrate to |\n| | 12.2(8)BZ |\n+----------+-------------------------------------+\n| 12.2BZ | 12.2(15)BZ Vulnerable. Migrate to |\n| | 12.2(16)BX |\n+----------+-------------------------------------+\n| 12.2CX | 12.2(11)CX Vulnerable. Migrate to |\n| | 12.2(15)BC |\n+----------+-------------------------------------+\n| 12.2CY | 12.2(11)CY Vulnerable. Migrate to |\n| | 12.2(13)BC1C |\n+----------+-------------------------------------+\n| 12.2DD | 12.2DD Vulnerable. Migrate to 12.2 |\n| | (4)B1 |\n+----------+-------------------------------------+\n| 12.2DX | 12.2(1)DX Vulnerable. Migrate to |\n| | 12.2DD |\n| +-------------------------------------+\n| | 12.2(2)DX Vulnerable. Migrate to |\n| | 12.2B Latest |\n+----------+-------------+---------+-------------+\n| 12.2EW | 12.2(18)EW | | |\n+----------+-------------+---------+-------------+\n| 12.2JA | 12.2(13)JA4 | | |\n| +-------------+---------+-------------+\n| | 12.2(13)JA2 | | |\n| +-------------+---------+-------------+\n| | 12.2(11)JA3 | | |\n+----------+-------------+---------+-------------+\n| 12.2MC | 12.2(15) | | |\n| | MC1B | | |\n+----------+-------------+---------+-------------+\n| 12.2S | 12.2(22)S | | |\n| +-------------+---------+-------------+\n| | 12.2(14)S7 | | |\n| +-------------+---------+-------------+\n| | 12.2(20)S1 | | |\n| +-------------+---------+-------------+\n| | 12.2(20)S3 | | |\n| | Available | | |\n| | on | | |\n| | 2004-Apr-21 | | |\n| +-------------+---------+-------------+\n| | 12.2(18)S3 | | |\n+----------+-------------+---------+-------------+\n| 12.2SE | 12.2(18)SE | | |\n+----------+-------------+---------+-------------+\n| 12.2SW | 12.2(21)SW | | |\n+----------+-------------+---------+-------------+\n| 12.2SX | 12.2(17a) | | |\n| | SX2 | | |\n+----------+-------------+---------+-------------+\n| 12.2SXA | 12.2(17b) | | |\n| | SXA1 | | |\n+----------+-------------+---------+-------------+\n| 12.2SXB | 12.2(17d)SXB1 Not built - contact |\n| | TAC |\n+----------+-------------+---------+-------------+\n| 12.2SY | 12.2(14)SY3 | | |\n+----------+-------------+---------+-------------+\n| 12.2SZ | 12.2(14)SZ6 | | |\n+----------+-------------+---------+-------------+\n| 12.2T | 12.2(15)T11 | | |\n| +-------------+---------+-------------+\n| | 12.2(13)T12 | | |\n| +-------------+---------+-------------+\n| | 12.2(11)T11 Not built - contact TAC |\n| +-------------+---------+-------------+\n| | 12.2(13)T11 | | |\n+----------+-------------+---------+-------------+\n| 12.2XA | 12.2(2)XA Vulnerable. Migrate to |\n| | 12.2(11)T |\n+----------+-------------------------------------+\n| 12.2XB | 12.2(2)XB Vulnerable. Migrate to |\n| | 12.2(15)T |\n+----------+-------------------------------------+\n| 12.2XC | 12.2(2)XC Vulnerable. Migrate to |\n| | 12.2(8)ZB |\n+----------+-------------------------------------+\n| 12.2XD | 12.2(1)XD Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XE | 12.2(1)XE Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XF | 12.2(1)XF1 Vulnerable. Migrate to |\n| | 12.2(4)BC1C |\n+----------+-------------------------------------+\n| 12.2XG | 12.2(2)XG Vulnerable. Migrate to |\n| | 12.2(8)T |\n+----------+-------------------------------------+\n| 12.2XH | 12.2(2)XH Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XI | 12.2(2)XI2 Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XJ | 12.2(2)XJ Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XK | 12.2(2)XK Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XL | 12.2(4)XL Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XM | 12.2(4)XM Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XN | 12.2(2)XN Vulnerable. Migrate to |\n| | 12.2(11)T |\n+----------+-------------------------------------+\n| 12.2XQ | 12.2(2)XQ Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XS | 12.2(1)XS Vulnerable. Migrate to |\n| | 12.2(11)T |\n+----------+-------------------------------------+\n| 12.2XT | 12.2(2)XT Vulnerable. Migrate to |\n| | 12.2(11)T |\n+----------+-------------------------------------+\n| 12.2XU | 12.2(2)XU Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2XW | 12.2(4)XW Vulnerable. Migrate to |\n| | 12.2(13)T12 |\n+----------+-------------------------------------+\n| 12.2YA | 12.2(4)YA Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2YB | 12.2(4)YB Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2YC | 12.2(2)YC Vulnerable. Migrate to |\n| | 12.2(11)T11 |\n+----------+-------------------------------------+\n| 12.2YD | 12.2(8)YD Vulnerable. Migrate to |\n| | 12.2(8)YY |\n+----------+-------------------------------------+\n| 12.2YE | 12.2(9)YE Vulnerable. Migrate to |\n| | 12.2S |\n+----------+-------------------------------------+\n| 12.2YF | 12.2(4)YF Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2YG | 12.2(4)YG Vulnerable. Migrate to |\n| | 12.2(13)T12 |\n+----------+-------------------------------------+\n| 12.2YH | 12.2(4)YH Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2YJ | 12.2(8)YJ Vulnerable. Migrate to |\n| | 12.2(15)T12 |\n+----------+-------------------------------------+\n| 12.2YK | 12.2(2)YK Vulnerable. Migrate to |\n| | 12.2(13)ZC |\n+----------+-------------------------------------+\n| 12.2YL | 12.2(8)YL Vulnerable. Migrate to |\n| | 12.3(2)T |\n+----------+-------------------------------------+\n| 12.2YM | 12.2(8)YM Vulnerable. Migrate to |\n| | 12.3(2)T |\n+----------+-------------------------------------+\n| 12.2YN | 12.2(8)YN Vulnerable. Migrate to |\n| | 12.3(2)T |\n+----------+-------------------------------------+\n| 12.2YO | 12.2(9)YO Vulnerable. Migrate to |\n| | 12.2(14)SY |\n+----------+-------------------------------------+\n| 12.2YP | 12.2(11)YP Vulnerable. Migrate to |\n| | 12.2T Latest |\n+----------+-------------------------------------+\n| 12.2YQ | 12.2(11)YQ Vulnerable. Migrate to |\n| | 12.3(2)T |\n+----------+-------------------------------------+\n| 12.2YR | 12.2(11)YR Vulnerable. Migrate to |\n| | 12.3(2)T |\n+----------+-------------------------------------+\n| 12.2YS | 12.2(11)YS Vulnerable. Migrate to |\n| | 12.3T |\n+----------+-------------------------------------+\n| 12.2YT | 12.2(11)YT Vulnerable. Migrate to |\n| | 12.2(15)T |\n+----------+-------------------------------------+\n| 12.2YU | 12.2(11)YU Vulnerable. Migrate to |\n| | 12.3(2)T |\n+----------+-------------------------------------+\n| 12.2YV | 12.2(11)YV Vulnerable. Migrate to |\n| | 12.3(4)T |\n+----------+-------------------------------------+\n| 12.2YW | 12.2(8)YW Vulnerable. Migrate to |\n| | 12.3(2)T |\n+----------+-------------------------------------+\n| 12.2YX | 12.2(11)YX Vulnerable. Migrate to |\n| | 12.2(RLS3)S |\n+----------+-------------------------------------+\n| 12.2YY | 12.2(8)YY Vulnerable. Migrate to |\n| | 12.3(1)T |\n+----------+-------------------------------------+\n| 12.2YZ | 12.2(11)YZ Vulnerable. Migrate to |\n| | 12.2(14)SZ |\n+----------+-------------+---------+-------------+\n| 12.2ZA | 12.2(14)ZA6 | | |\n+----------+-------------+---------+-------------+\n| 12.2ZB | 12.2(8)ZB Vulnerable. Migrate to |\n| | 12.3T |\n+----------+-------------------------------------+\n| 12.2ZC | 12.2(13)ZC Vulnerable. Migrate to |\n| | 12.3T |\n+----------+-------------+---------+-------------+\n| 12.2ZD | 12.2(13)ZD1 | | |\n+----------+-------------+---------+-------------+\n| 12.2ZE | 12.2(13)ZE Vulnerable. Migrate to |\n| | 12.3 |\n+----------+-------------------------------------+\n| 12.2ZF | 12.2(13)ZF Vulnerable. Migrate to |\n| | 12.3(4)T |\n+----------+-------------------------------------+\n| 12.2ZG | 12.2(13)ZG Vulnerable. Migrate to |\n| | 12.3(4)T |\n+----------+-------------------------------------+\n| 12.2ZH | 12.2(13)ZH Vulnerable. Migrate to |\n| | 12.3(4)T |\n+----------+-------------------------------------+\n| 12.2ZI | 12.2(11)ZI Vulnerable. Migrate to |\n| | 12.2(18)S |\n+----------+-------------+---------+-------------+\n| 12.2ZJ | 12.2(15)ZJ5 | | |\n| +-------------+---------+-------------+\n| | 12.2(15)ZJ4 | | |\n+----------+-------------+---------+-------------+\n| 12.2ZK | 12.2(15)ZK Vulnerable. Migrate to |\n| | 12.3T |\n+----------+-------------------------------------+\n| 12.2ZL | 12.2(15)ZL Vulnerable. Migrate to |\n| | 12.3(7)T |\n+----------+-------------------------------------+\n| 12.2ZN | 12.2(15)ZN Vulnerable. Migrate to |\n| | 12.3(2)T |\n+----------+-------------+---------+-------------+\n| 12.2ZP | 12.2(13)ZP3 | | |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild | Interim | Maintenance |\n| 12.3 | | ** | |\n| -Based | | | |\n| Release | | | |\n+----------+-------------+---------+-------------+\n| 12.3 | 12.3(3e) | | |\n| +-------------+---------+-------------+\n| | 12.3(6) | | |\n| +-------------+---------+-------------+\n| | 12.3(5b) | | |\n+----------+-------------+---------+-------------+\n| 12.3B | 12.3(5a)B | | |\n| +-------------+---------+-------------+\n| | 12.3(3)B1 | | |\n+----------+-------------+---------+-------------+\n| 12.3BW | 12.3(1a)BW Vulnerable. Migrate to |\n| | 12.3B |\n+----------+-------------+---------+-------------+\n| 12.3T | 12.3(2)T4 | | |\n| +-------------+---------+-------------+\n| | 12.3(7)T1 Not built - contact TAC |\n| +-------------+---------+-------------+\n| | 12.3(4)T3 | | |\n+----------+-------------+---------+-------------+\n| 12.3XA | 12.3(2)XA Vulnerable. Contact TAC. |\n+----------+-------------+---------+-------------+\n| 12.3XB | 12.3(2)XB2 | | |\n+----------+-------------+---------+-------------+\n| 12.3XC | 12.3(2)XC2 | | |\n+----------+-------------+---------+-------------+\n| 12.3XD | 12.3(4)XD1 | | |\n+----------+-------------+---------+-------------+\n| 12.3XE | 12.3(2)XE Vulnerable. Migrate to |\n| | 12.3T |\n+----------+-------------------------------------+\n| 12.3XF | 12.3(2)XF Vulnerable. Contact TAC |\n| | if needed. |\n+----------+-------------+---------+-------------+\n| 12.3XG | 12.3(4)XG | | |\n+----------+-------------+---------+-------------+\n| 12.3XH | 12.3(4)XH | | |\n+----------+-------------+---------+-------------+\n| 12.3XI | 12.3(7)XI Vulnerable. Migrate to |\n| | 12.3T |\n+----------+-------------------------------------+\n| 12.3XJ | 12.3(7)XJ Vulnerable. Contact TAC |\n| | if needed |\n+----------+-------------+---------+-------------+\n| 12.3XK | 12.3(4)XK | | |\n+----------+-------------+---------+-------------+\n| 12.3XL | 12.3(7)XL Vulnerable. Contact Tac |\n| | if needed |\n+----------+-------------------------------------+\n| 12.3XM | 12.3(9)XM Vulnerable. Contact TAC |\n| | if needed. |\n+----------+-------------------------------------+\n| 12.3XN | 12.3(4)XN Vulnerable. Contact TAC |\n| | if needed. |\n+----------+-------------------------------------+\n| 12.3XQ | 12.3(4)XQ Vulnerable. Contact TAC |\n| | if needed. |\n+----------+-------------------------------------+\n| * All dates are estimated and subject to |\n| change. |\n| |\n| ** Interim releases are subjected to less |\n| rigorous testing than regular maintenance |\n| releases, and may have serious bugs. |\n+------------------------------------------------+\n\nObtaining Fixed Software\n========================\nCustomers with Service Contracts\n\nCustomers with contracts should obtain upgraded software through their\nregular update channels. For most customers, this means that upgrades\nshould be obtained through the Software Center on Cisco\u0027s worldwide\nwebsite at http://www.cisco.com. \n\nCustomers using Third-party Support Organizations\n\nCustomers whose Cisco products are provided or maintained through prior\nor existing agreement with third-party support organizations such as\nCisco Partners, authorized resellers, or service providers should contact\nthat support organization for assistance with the upgrade, which should\nbe free of charge. \n\nCustomers without Service Contracts\n\nCustomers who purchase direct from Cisco but who do not hold a Cisco\nservice contract and customers who purchase through third-party vendors\nbut are unsuccessful at obtaining fixed software through their point of\nsale should get their upgrades by contacting the Cisco Technical\nAssistance Center (TAC). TAC contacts are as follows. \n \n \n * +1 800 553 2447 (toll free from within North America)\n \n * +1 408 526 7209 (toll call from anywhere in the world)\n \n * e-mail: tac@cisco.com\n \n\nSee http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for\nadditional TAC contact information, including special localized telephone\nnumbers and instructions and e-mail addresses for use in various\nlanguages. \n\nPlease have your product serial number available and give the URL of this\nnotice as evidence of your entitlement to a free upgrade. Free upgrades\nfor non-contract customers must be requested through the TAC. \n\nPlease do not contact either \"psirt@cisco.com\" or\n\"security-alert@cisco.com\" for software upgrades. \n\nWorkarounds\n===========\nThe effectiveness of any workaround is dependent on specific customer\nsituations such as product mix, network topology, traffic behavior, and\norganizational mission. Due to the variety of affected products and\nreleases, customers should consult with their service provider or support\norganization to ensure any applied workaround is the most appropriate for\nuse in the intended network before it is deployed. \n\nThere are no workarounds available to mitigate the effects of this\nvulnerability on Cisco IOS Firewall. \n\nFor BGP, we will present the workaround and only a few mitigation\ntechniques. For additional information regarding BGP security risk\nassessment, mitigation techniques, and deployment best practices, please\nconsult ftp://ftp-eng.cisco.com/cons/isp/security/\nBGP-Risk-Assesment-v.pdf. \n \n \n * BGP MD5 secret\n \n The workaround for BGP is to configure MD5 secret for each session\n between peers. This can be configured as shown in the following\n example:\n router(config)#router bgp \u003cAS-_number\u003e\n router(config-router)#neighbor \u003cIP_address\u003e password \u003center_your_secret_here\u003e\n \n It is necessary to configure the same shared MD5 secret on both peers\n and at the same time. Failure to do so will break the existing BGP\n session and the new session will not get established until the exact\n same secret is configured on both devices. For a detailed discussion\n on how to configure BGP, refer to the following document \n http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/\n products_configuration_guide_chapter09186a00800ca571.html . Once the\n secret is configured, it is prudent to change it periodically. The\n exact period must fit within your company security policy but it\n should not be longer than a few months. When changing the secret,\n again it must be done at the same time on both devices. Failure to do\n so will break your existing BGP session. The exception is if your\n Cisco IOS software release contains the integrated CSCdx23494 ( \n registered customers only) fix. With this fix, the BGP session will\n not be terminated when the MD5 secret is changed only on one side. \n The BGP updates, however, will not be processed until either the same\n secret is configured on both devices or the secret is removed from\n both devices. \n \n\nIt is possible to mitigate the exposure for BGP on this vulnerability by\napplying one or more of the following measures which will lessen the\npotential for the necessary spoofing required to implement a successful\nattack:\n \n \n * Blocking access to the core infrastructure\n \n Although it is often difficult to block traffic transiting your\n network, it is possible to identify traffic which should never be\n allowed to target your infrastructure devices and block that traffic\n at the border of your network. Infrastructure access control lists\n (ACLs) are considered a network security best practice and should be\n considered as a long-term addition to good network security as well\n as a workaround for this specific vulnerability. The white paper\n entitled \"Protecting Your Core: Infrastructure Protection Access\n Control Lists\", available at http://www.cisco.com/warp/public/707/\n iacl.html, presents guidelines and recommended deployment techniques\n for infrastructure protection ACLs. Exceptions would include any\n devices which have a legitimate reason to access your infrastructure\n (for example, BGP peers, NTP sources, DNS serves, and so on). All\n other traffic must be able to traverse your network without\n terminating on any of your devices. \n \n \n * Configure anti-spoofing measures on the network edge\n In order for an adversary to use the attack vector described in this\n advisory, it must send packets with the source IP address equal to\n one of the BGP peers. You can block spoofed packets either using the\n Unicast Reverse Path Forwarding (uRPF) feature or by using access\n control lists (ACLs). \n By enabling uRPF, all spoofed packets will be dropped at the first\n device. To enable uRPF, use the following commands:\n router(config)#ip cef \n \n router(config)#ip verify unicast reverse-path\n \n Please consult http://www.cisco.com/en/US/products/sw/iosswrel/ps1835\n /products_configuration_guide_chapter09186a00800ca7d4.html and ftp://\n ftp-eng.cisco.com/cons/isp/security/URPF-ISP.pdf for further details\n on how uRPF works and how to configure it in various scenarios. This\n is especially important if you are using asymmetric routing. \n ACLs should also be deployed as close to the edge as possible. Unlike\n uRPF, you must specify the exact IP range that is permitted. \n Specifying which addresses should be blocked is not the optimal\n solution because it tends to be harder to maintain. \n \n Caution: In order for anti-spoofing measures to be effective,\n they must be deployed at least one hop away from the devices which\n are being protected. Ideally, they will be deployed at the network\n edge facing your customers. \n \n * Packet rate limiting RST packets are rate-limited in Cisco IOS\n software by default. This feature is introduced in Cisco IOS Software\n Release 10.2. In the case of a storm of RST packets, they are\n effectively limited to one packet per second. In order to be\n successful, an attacker must terminate connection with the first few\n packets. Otherwise, the attack is deemed to be impracticably long. On\n the other hand, SYN packets are not rate-limited in any way. \n Rate limiting can be accomplished either by using Committed Access\n Rate (CAR) or by Control Plane Policing (CPP). While CPP is the\n recommended approach, it is available only for Cisco IOS Software\n Releases 12.2(18)S and 12.3(4)T. It is currently supported only on\n the following routers: 1751, 2600/2600-XM, 3700, 7200, and 7500\n Series. \n\n CAR can be configured as follows:\n\n router(config)#access-list 103 deny tcp any host 10.1.1.1 established\n \n router(config)#access-list 103 permit tcp any host 10.0.0.1\n \n router(config)#interface \u003cinterface\u003e \u003cinterface #\u003e\n \n router(config-if)#rate-limit input access-group 103 8000 8000 8000 \n conform-action transmit exceed-action drop\n \n For details on how to configure and deploy CPP, please consult the\n following document http://www.cisco.com/en/US/products/sw/iosswrel/\n ps1838/products_white_paper09186a0080211f39.shtml\n \n\nExploitation and Public Announcements\n=====================================\nThe Cisco PSIRT is not aware of any public announcements or malicious use\nof the vulnerability described in this advisory. \n\nThe exploitation of the vulnerability with packets having RST flag set\n(reset packets) was discovered by Paul (Tony) Watson of OSVDB.org. The\nextension of the attack vector to packets with SYN flag was discovered by\nthe vendors cooperating on the resolution of this issue. \n\nStatus of This Notice: INTERIM\n==============================\nThis is a INTERIM advisory. Although Cisco cannot guarantee the accuracy of\nall statements in this advisory, all of the facts have been checked to\nthe best of our ability. Cisco does not anticipate issuing updated\nversions of this advisory unless there is some material change in the\nfacts. Should there be a significant change in the facts, Cisco may\nupdate this advisory. \n\nA stand-alone copy or Paraphrase of the text of this Security Advisory\nthat omits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain factual\nerrors. \n\nDistribution\n============\nThis advisory will be posted on Cisco\u0027s worldwide website at \nhttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml. \n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n \n \n * cust-security-announce@cisco.com\n \n * first-teams@first.org (includes CERT/CC)\n \n * bugtraq@securityfocus.com\n \n * vulnwatch@wulnwatch.org\n \n * cisco@spot.colorado.edu\n \n * cisco-nsp@puck.nether.net\n \n * full-disclosure@lists.netsys.com\n \n * comp.dcom.sys.cisco@newsgate.cisco.com\n \n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged to\ncheck the above URL for any updates. \n\nRevision History\n================\n+----------+-------------+----------------+\n| Revision | 2004-Apr-20 | Initial public |\n| 1.0 | | release. |\n+----------+-------------+----------------+\n\nCisco Security Procedures\n=========================\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and registering\nto receive security information from Cisco, is available on Cisco\u0027s\nworldwide website at http://www.cisco.com/warp/public/707/\nsec_incident_response.shtml. This includes instructions for press\ninquiries regarding Cisco Security Notices. All Cisco Security Advisories\nare available at http://www.cisco.com/go/psirt. \n\n- -------------------------------------------------------------------------\n\nAll contents are Copyright \\xa9 1992-2004 Cisco Systems, Inc. All rights\nreserved. Important Notices and Privacy Statement. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.3 (Cygwin)\n\niD8DBQFAhZTpezGozzK2tZARAkKXAJ9BWwuytT7zwoOL+RkZJPebYN3W3ACfV/+K\n0Fd3MvvRlKSETCrlMGL/dZg=\n=eDSn\n-----END PGP SIGNATURE-----\n. \n\nThe nonexhaustive list of vulnerable non-IOS based Cisco products is as\nfollows:\n \n * Access Registrar\n\n * BPX, IGX, MGX WAN switches, and the Service Expansion Shelf\n\n * BR340, WGB340, AP340, AP350, BR350 Cisco/Aironet wireless products\n\n * Cache Engine 505 and 570\n\n * CallManager\n\n * Catalyst 1200, 1900, 28xx, 29xx, 3000, 3900, 4000, 5000, 6000\n\n * Cisco 8110 Broadband Network Termination Unit\n\n * Cisco Element Management Framework\n\n * Cisco Info Center\n\n * Cisco Intelligent Contact Management\n\n * Cisco MDS 9000\n\n * Cisco ONS 15190/15194 IP Transport Concentrator\n\n * Cisco ONS 15327 Metro Edge Optical Transport Platform\n\n * Cisco ONS 15454 Optical Transport Platform\n\n * Cisco ONS 15531/15532 T31 OMDS Metro WDM System\n\n * Cisco ONS 15800/15801/15808 Dense Wave Division Multiplexing Platform\n\n * Cisco ONS 15830 T30 Optical Amplification System\n\n * Cisco ONS 15831/15832 T31 DWDM System\n\n * Cisco ONS 15863 T31 Submarine WDM System\n\n * Content Router 4430 and Content Delivery Manager 4630 and 4650\n\n * Cisco Secure Intrusion Detection System (NetRanger) appliance and IDS\n Module\n\n * Cisco Secure PIX firewall\n\n * Cisco ws-x6608 and ws-x6624 IP Telephony Modules\n\n * CiscoWorks Windows\n\n * Content Engine 507, 560, 590, and 7320\n\n * CSS11000 (Arrowpoint) Content Services Switch\n\n * Hosting Solution Engine\n\n * User Registration Tool VLAN Policy Server\n\n * Cisco FastHub 300 and 400\n\n * CR-4430-B\n\n * Device Fault Manager\n\n * Internet CDN Content Engine 590 and 7320, Content Distribution\n Manager 4670, and Content Router 4450\n\n * IP Phone (all models including ATA and VG248)\n\n * IP/TV\n\n * LightStream 1010\n\n * LightStream 100 ATM Switches\n\n * LocalDirector\n\n * ME1100 series\n\n * MicroHub 1500,MicroSwitch 1538/1548\n\n * Voice Manager\n\n * RTM\n\n * SN5400 series storage routers\n\n * Switch Probe\n\n * Unity Server\n\n * VG248 Analog Phone Gateway\n\n * Traffic Director\n\n * WAN Manager \n \n\nProducts Confirmed Not Vulnerable\n=================================\nThe following products are not vulnerable:\n \n \n * Cisco VPN 3000 Series Concentrators\n \n * Cisco Firewall Services Module for Cisco Catalyst 6500 Series and\n Cisco 7600 Series (FWSM)\n \n\nDetails\n======\nTCP is the transport layer protocol designed to provide\nconnection-oriented reliable delivery of a data stream. The Cisco PSIRT\nhas analyzed multiple TCP-based protocols, as they are used within our\noffering, and we believe that this vulnerability does not have a\nsignificant impact on them. We will present our analysis for a few\nprotocols which have the potential for higher impact due to the long\nlived connections. \n\nVoice signaling H.225, H.245 (part of H.323 suite)\n- --------------------------------------------------\nH.225 and H.245 protocols are used in voice signaling. Their purpose is\nto negotiate parameters for content transfer (voice or video). The\nestablished sessions persist for the duration of a call. Any call in\nprogress is terminated when the signaling session is broken. A new\nsignaling session will be established immediately for the new call, but\nterminated calls cannot be re-established. \n\nEach call from an IP telephone or softphone will result in the creation\nof a single signaling session. It is possible that a single signaling session is\nresponsible for multiple calls, but that setup is used deeper within the\nService Provider\u0027s network. Determining all necessary parameters for\nmounting an attack is deemed a non-trivial task if the network is\ndesigned according to the current best practices. \n\nNetwork Storage (iSCSI, FCIP)\n- -----------------------------\nNetwork Storage products use two TCP-based protocols: SCSI over IP\n(iSCSI) and Fiber Channel over IP (FCIP). \n \n \n * SCSI over IP (iSCSI)\n \n iSCSI is used in a client/server environment. The client is your\n computer and it is only the client that initiates a connection. This\n connection is not shared with any other users. Terminating the session\n will not have any adverse consequences if people are using current\n drivers from Microsoft for Windows and from Cisco for Linux. These\n drivers will re-establish the session and continue transfer from the\n point where it was disconnected. Drivers from other vendors may\n behave differently. \n \n The user may notice that access to a virtual device is slightly\n slower than usual. \n \n \n * Fiber Channel over IP (FCIP)\n \n FCIP is a peer-to-peer protocol. It is used for mirroring data\n between switches. Each peer can initiate the session. Switches can,\n and should be in practice, configured in a mesh. Bringing one link\n down will cause traffic to be re-routed over other link(s). If an\n adversary can manage to terminate the session multiple times in a\n row, the user\u0027s application may terminate with a \"Device unreachable\"\n or similar error message. This does not have any influence on the\n switch itself and the user can retry the operation. \n \n The user may notice that access to a virtual device is slightly\n slower than usual. An occasional error message is possible. SSL/TLS connections can be used to encapsulate\nvarious kinds of traffic and these sessions can be long lived. An\nencrypted session can be attacked either on the originating or\nterminating host or on the firewalls in front of them (if they exist). |\n| | | Customers |\n| | | are |\n| | | encouraged |\n| | | to migrate |\n| | | to IOS. \u003chtml\u003e\n\n\u003chead\u003e\n\u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\"\u003e\n\n\u003ctitle\u003eNISCC Vulnerability Advisory 236929\u003c/title\u003e\n\u003cstyle\u003e\n\u003c!--\nbody { font-family: Verdana }\n--\u003e\n\u003c/style\u003e\n\u003c/head\u003e\n\n\u003cbody bgcolor=\"#FFFFCC\"\u003e\n\u003cdiv class=Section1 style=\"width: 100%;\"\u003e \n\u003cdiv align=\"center\"\u003e\u003cimg src=\"http://www.niscc.gov.uk/images/newtitle.gif\" width=\"766\" height=\"80\" alt=\"National Infrastructure Security Co-Ordination Centre\"\u003e\u003c/div\u003e\n\u003cbr\u003e\n\u003cfont size=\"4\"\u003e\u003cb\u003e\u003cfont color=\"#FF0000\"\u003eNISCC Vulnerability Advisory 236929\u003c/b\u003e\u003c/font\u003e\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eVulnerability Issues in TCP\u003c/b\u003e\u003c/font\u003e\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\n\u003cb\u003e\u003cfont size=\"3\"\u003eVersion\u003c/font\u003e Information\u003c/b\u003e\n\u003cbr\u003e\u003cbr\u003e\n\u003ctable border=\"1\" width=\"61%\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"58%\"\u003eAdvisory Reference\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e236929\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"58%\"\u003eRelease Date\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e20 April 2004\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"58%\"\u003eLast Revision\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e22 April 2004\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"58%\"\u003eVersion Number\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e1.4\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\n\u003cb\u003eWhat is Affected?\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nThe vulnerability described in this advisory affects implementations of the \nTransmission Control Protocol (TCP) that comply with the Internet Engineering \nTask Force\\x92s (IETF\\x92s) Requests For Comments (RFCs) for TCP, including \n\u003ca href=\"http://www.ietf.org/rfc/rfc0793.txt\"\u003eRFC 793\u003c/a\u003e, the \noriginal specification, and \u003ca href=\"http://www.ietf.org/rfc/rfc1323.txt\"\u003eRFC 1323\u003c/a\u003e, TCP Extensions for High Performance.\u003cbr\u003e\n\u003cbr\u003e\nTCP is a \ncore network protocol used in the majority of networked computer systems today. \nMany vendors include support for this protocol in their products and may be \nimpacted to varying degrees. \n\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eSeverity\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nThe impact of this vulnerability varies by vendor and application, but in some \ndeployment scenarios it is rated critical. Alternatively contact your vendor for product specific \ninformation.\u003cbr\u003e\n\u003cbr\u003e\nIf exploited, the vulnerability could allow an attacker to create a \nDenial of Service condition against existing TCP connections, resulting in \npremature session termination. The resulting session termination will affect the \napplication layer, the nature and severity of the effects being dependent on the \napplication layer protocol. The primary dependency is on the duration of the TCP \nconnection, with a further dependency on knowledge of the network (IP) addresses \nof the end points of the TCP connection.\u003cbr\u003e\n\u003cbr\u003e\nThe Border Gateway Protocol (BGP) is judged to be potentially most affected \nby this vulnerability.\u003cbr\u003e\n\u003cbr\u003e\nBGP relies on a persistent TCP session between BGP peers. Resetting the \nconnection can result in medium term unavailability due to the need to rebuild \nrouting tables and route flapping.\u0026nbsp; Route flapping may result in route dampening \n(suppression) if the route flaps occur frequently within a short time interval.\u0026nbsp; The overall impact on BGP is likely to be moderate based on \nthe likelihood of successful attack. If the TCP MD5 Signature Option and \nanti-spoofing measures are used \nthen the impact will be low as these measures will successfully mitigate the \nvulnerability.\u003cbr\u003e\n\u003cbr\u003e\nThere is a potential impact on other application protocols such as DNS (Domain \nName System) and SSL (Secure Sockets Layer) in the case of zone transfers and \necommerce transactions respectively, but the duration of the sessions is \nrelatively short and the sessions can be restarted without medium term \nunavailability problems. In the case of SSL it may be difficult to guess the \nsource IP address.\u003cbr\u003e\n\u003cbr\u003e\nData injection may be possible. However, this has not been demonstrated and \nappears to be problematic. The reason \nfor this is that the receiving TCP implementation checks the sequence number of \nthe RST or SYN packet, which is a 32 bit number, giving a probability of 1/2\u003csup\u003e\u003cfont size=\"2\"\u003e32\u003c/font\u003e\u003c/sup\u003e of \nguessing the sequence number correctly (assuming a random distribution).\u003cbr\u003e\n\u003cbr\u003e\nThe discoverer of the practicability of the RST attack was Paul A. Watson, who \ndescribes his research in his paper \\x93Slipping In The Window: TCP Reset Attacks\\x94, \npresented at the CanSecWest 2004 conference. In a RST/ACK packet an acknowledgement number is included \nin the packet, although it is not checked by the receiving TCP implementation.)\u003cbr\u003e\n\u003cbr\u003e\n\u003ca href=\"http://www.ietf.org/rfc/rfc0793.txt\"\u003eRFC 793\u003c/a\u003e, p36, states the following:\u003cbr\u003e\n\u003cbr\u003e\n\u0026quot;In all states except SYN-SENT, all reset (RST) segments are validated by \nchecking their SEQ-fields [sequence numbers]. In the SYN-SENT state (a RST received in response to an \ninitial SYN), the RST is acceptable if the ACK field acknowledges the SYN.\u0026quot;\u003cbr\u003e\n\u003cbr\u003e\nResets must be processed immediately. \n\u003ca href=\"http://www.ietf.org/rfc/rfc0793.txt\"\u003eRFC 793\u003c/a\u003e, p25, says \u0026quot;[\\x85] [E]ven when the \nreceive window is zero, a TCP must process the RST and URG fields of all \nincoming segments.\u0026quot;\u003cbr\u003e\n\u003cbr\u003e\nIt is also possible to perform the same attack with SYN (synchronise) packets. \n\u003ca href=\"http://www.ietf.org/rfc/rfc0793.txt\"\u003eRFC 793\u003c/a\u003e, p31 \nstates:\u003cbr\u003e\n\u003cbr\u003e\n\\x93The principle reason for the three-way handshake is to prevent old duplicate \nconnection initiations from causing confusion. To deal with this, a special \ncontrol message, reset, has been devised. [\\x85] If the TCP is in one of the \nsynchronized states (ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, \nLAST-ACK, TIME-WAIT), it aborts the connection and informs its user.\\x94\u003cbr\u003e\n\u003cbr\u003e\nTCP window sizes are negotiated in the initial 3-way handshake used to set up a \nTCP connection, with higher values serving to improve throughput in some \ncircumstances. Vendor-chosen defaults also influence the selection. An attacker seeking to disrupt an \nexisting TCP connection must supply the 4-tuple correctly. As the source port \nvaries, additional work is generally called for on the part of the attacker. \nHowever, research (referenced below) has shown that the process of source port \nselection on many platforms includes predictable elements, so that the attack \nremains practicable. By weighting \u0027likely\u0027 source port values carefully, an \nattacker can disrupt TCP implementations that employ a range of window sizes.\u003cbr\u003e\n\u003cbr\u003e\nApplication layer protocols that are critically affected are those that:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber6\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"96%\"\u003eDepend on long lived TCP connections\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"96%\"\u003eHave known or easy-to-guess IP address end points\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"96%\"\u003eHave easy to an easy-to-guess source TCP port\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003eAs noted above BGP does use long lived TCP connections, and the IP addresses and \nsource port (and destination port) are sometimes available through the use of \nBGP looking glasses (multi-source, multi-destination trace route tools) or DNS \nresource records. Using \\x93trace route\\x94 commands can provide information on \npeering point IP addresses. Thus BGP is likely to be critically affected by the \nTCP vulnerability.\u003cbr\u003e\n\u003cbr\u003e\nThese denial of service attacks can be carried out by single machine, or by \nmultiple co-operating systems (to form a distributed denial of service attack).\u003cbr\u003e\n\u003cbr\u003e\nIt is also possible to inject packets, which will be processed if they are in \nthe window. The difficulty with data injection attacks is that the receiving TCP \nimplementation will reassemble the packets received according to sequence \nnumber, dropping any duplicate packets.\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\nVendor specific information will be released as it becomes available and if vendor permission has been received. Subscribers are advised to check the following URL regularly for updates:\u003cbr\u003e\n\u003cbr\u003e\n\u003ca href=\"http://www.uniras.gov.uk/vuls/2004/236929/index.htm\"\u003ehttp://www.uniras.gov.uk/vuls/2004/236929/index.htm\u003c/a\u003e\u003cbr\u003e\n\u003cbr\u003e\n\u003ci\u003e[Please note that updates to this advisory will not be notified by email.]\u003c/i\u003e\u003cbr\u003e\n\u003cbr\u003e\nThis vulnerability has been assigned the \u003ca href=\"http://cve.mitre.org/cve\"\u003eCVE\u003c/a\u003e \nname \n\u003ca href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230\"\u003eCAN-2004-0230\u003c/a\u003e.\u003cbr\u003e\n\u003cbr\u003e\nThe \u003ca href=\"http://www.osvdb.org\"\u003eOpen Source Vulnerability Database\u003c/a\u003e ID \nnumber for this vulnerability is\n\u003ca href=\"http://www.osvdb.org/displayvuln.php?osvdb_id=4030\"\u003e4030\u003c/a\u003e.\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eMitigation\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nThe following mitigation steps are still being evaluated and may be incomplete. \nCustomers should work with vendors for the workaround most appropriate for the \nproduct in question.\u003cbr\u003e\n\u003cbr\u003e\nIn the absence of vendor patching of the TCP implementation, the following are \ngeneral mitigating steps:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber4\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"97%\"\u003eImplement IP Security (IPSEC) which will encrypt traffic at the network layer, \nso TCP information will not be visible\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"97%\"\u003eReduce the TCP window size (although this could increase \n traffic loss and subsequent retransmission)\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"97%\"\u003eDo not publish TCP source port information\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003eIt should be noted that IPSEC provides confidentiality and authentication \nservices at the network layer, and can provide a measure of trust in the \nauthenticity of the end points as well as encryption of traffic between the end \npoints.\u0026nbsp; However, in the context of the current attack IPSEC will reject \nRST and SYN packets that are not part of a secure IP packet stream.\u003cbr\u003e\n\u003cbr\u003e\nTo change the TCP window size, in some Unix variants you can set a value of the \ndefault TCP windows size by using the \\x93sysctl\\x94 program (\\x93ndd -set\\x94 in the case \nof Sun Solaris). In the case of Microsoft Windows NT/2000/XP/2003, the default \nwindow size can be changed by modifying the value of the HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters \nkey. As noted above, great care should be exercised when altering the default \nTCP window size as network performance could be adversely affected.\u003cbr\u003e\n\u003cbr\u003e\nIn the case of BGP, the following may counter the problem:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber5\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"96%\"\u003eImplement ingress and egress filtering to check that the \n traffic entering or leaving the network has a source IP address that is \n expected on the router/firewall interface that receives the traffic\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"96%\"\u003eImplement the TCP MD5 Signature Option to checksum the TCP \n packet carrying the BGP application data (see \u003ca href=\"http://www.ietf.org/rfc/rfc2385.txt\"\u003eRFC 2385\u003c/a\u003e), \nbeing careful to set and maintain strong (i.e. difficult to guess) passwords to \nwhich the MD5 checksum is applied.\u0026nbsp; Also see\n \u003ca href=\"http://www.ietf.org/rfc/rfc3562.txt\"\u003eRFC 3562\u003c/a\u003e which discusses \n the security requirements of this keying material.\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"96%\"\u003eLimit the amount of information available through looking \n glasses and DNS resource records, being careful not to expose TCP port \n information unnecessarily\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003e\nThe IETF ingress filtering standard is defined in \n\u003ca href=\"http://www.ietf.org/rfc/rfc2827.txt\"\u003eRFC 2827\u003c/a\u003e. \nA discussion of egress filtering can be found at \n\u003ca href=\"http://www.sans.org/y2k/egress.htm\"\u003ehttp://www.sans.org/y2k/egress.htm\u003c/a\u003e.\u003cbr\u003e\n\u003cbr\u003e\nThe use of the TCP MD5 Signature Option will prevent the exploitation of this \nvulnerability. Router customers should implement this on all BGP peering points \nif it is supported by the router, upgrading the router firmware if necessary.\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eSolution\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nPlease refer to the Vendor Information section of this advisory for \nimplementation specific remediation.\u003cbr\u003e\n\u003cbr\u003e\nSome vendors will have reduced the \nlikelihood of successful denial of service by amending the TCP implementation to \nissue a further acknowledgment packet challenge for RST and SYN packets that do \nnot have exactly the expected sequence number.\u003cbr\u003e\n\u003cbr\u003e\n\u003ca href=\"http://www.ietf.org\"\u003eThe Internet Engineering Task Force\u003c/a\u003e (IETF) has \npublished an Internet Draft to co-incide \nwith the release of this advisory.\u0026nbsp;\nThe text of this draft is available from \nthe IETF web site:\u003cbr\u003e\n\u003ca href=\"http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\"\u003ehttp://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\u003c/a\u003e\u003cbr\u003e\n\u003cbr\u003e\nNISCC has produced best practice guidelines for BGP available at\u003cbr\u003e\n\u003ca href=\"http://www.niscc.gov.uk/BGP%20Filtering%20Guide.pdf\"\u003ehttp://www.niscc.gov.uk/BGP Filtering Guide.pdf\u003c/a\u003e\u003cbr\u003e\n\u003cbr\u003e\nSecure configuration templates for BGP implementations on Cisco IOS and Juniper JUNOS can be found at:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"1\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber2\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"11%\"\u003eCisco\n \u003c/td\u003e\n \u003ctd width=\"99%\"\u003e\u003ca href=\"http://www.cymru.com/Documents/secure-bgp-template.html\"\u003ehttp://www.cymru.com/Documents/secure-bgp-template.html\n\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"11%\"\u003eJuniper \u003c/td\u003e\n \u003ctd width=\"99%\"\u003e\n\u003ca href=\"http://www.qorbit.net/documents/junos-bgp-template.pdf\"\u003ehttp://www.qorbit.net/documents/junos-bgp-template.pdf\n\u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003e\nGuidance on tuning of the IP stack for a number of different UNIX operating systems is available at \n\u003ca href=\"http://www.cymru.com/Documents/ip-stack-tuning.html\"\u003ehttp://www.cymru.com/Documents/ip-stack-tuning.html\n\u003c/a\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\n\u003cB\u003eVendor Information\u003c/B\u003e\n\u003cbr\u003e\n\u003cbr\u003e\nThe following vendors have provided information about how their products are affected\nby these vulnerabilities.\u003cbr\u003e\n\u003cbr\u003e\n\u003ci\u003e\u003cfont size=\"2\"\u003ePlease note that \u003ca href=\"http://www.jpcert.or.jp\"\u003eJPCERT/CC\u003c/a\u003e have released a Japanese language advisory for this vulnerability\n which contains additional information regarding Japanese vendors. This advisory is available at\n \u003ca href=\"http://www.jpcert.or.jp/at/2004/at040003.txt\"\u003ehttp://www.jpcert.or.jp/at/2004/at040003.txt\u003c/a\u003e.\u003c/font\u003e\u003c/i\u003e\u003cbr\u003e\n\u003cbr\u003e\n\u003c/p\u003e\n\u003c/p\u003e\n\u003c/p\u003e\n\u003ctable border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber1\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#certicom\"\u003eCerticom\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#iij\"\u003eInternet Initiative Japan, Inc\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#nec\"\u003eNEC\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#checkpoint\"\u003eCheck Point\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#interniche\"\u003eInterNiche\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#nortel\"\u003eNortel\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#cisco\"\u003eCisco\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#juniper\"\u003eJuniper Networks\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#polycom\"\u003ePolycom\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#cray\"\u003eCray Inc\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#lucent\"\u003eLucent Technologies\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#seccomp\"\u003eSecure Computing Corporation\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#hitachi\"\u003eHitachi\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#mitel\"\u003eMitel Networks\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#yamaha\"\u003eYamaha\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#innovaphone\"\u003eInnovaphone\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#mrlg\"\u003eMRLG\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"34%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003c/tr\u003e\n \u003c/table\u003e\n\u003c/p\u003e\n\n\u003cbr\u003e\n\u003ctable border=\"0\" width=\"100%\" cellpadding=\"8\" cellspacing=\"0\"\u003e\n\n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n \u003cu\u003e\u003ca name=\"certicom\"\u003e\u003c/a\u003eCerticom\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n \u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n Certicom has examined the National Infrastructure Security Coordination \n Centre (NISCC) advisory and determined it is not vulnerable.\u003cbr\u003e\n \u003cbr\u003eCerticom \n Developer Toolkits for SSL (SSL Plus, SSL Plus for Java, Security Builder \n SSL-C and Security Builder SSL-J) do not provide a TCP/IP transport \n mechanism, but rather utilize the supported operating system\u0027s TCP/IP stack. \n The vulnerability is against the TCP/IP stack itself, and not directly \n against the functionality offered by Certicom toolkits. Therefore, there is \n no patch or workaround that can be implemented within Certicom products. The \n patch or workaround must be provided by the operating system vendor.\u003cbr\u003e\n \u003cbr\u003e\n Customers are urged to contact their operating system vendors to determine \n if they have provided a workaround to this advisory. If you have any further \n questions please do not hesitate to contact\n \u003ca href=\"mailto:support@certicom.com\"\u003esupport@certicom.com\u003c/a\u003e.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\u003cu\u003e\u003ca name=\"checkpoint\"\u003e\u003c/a\u003e\n Check Point\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eThe latest release for VPN-1/FireWall-1 \n (R55 HFA-03) contains a protection against this vulnerability.\u0026nbsp; The \n protection applies to both the firewall device and to hosts behind the \n firewall.\u003cbr\u003e\n \u003cbr\u003e\n Please refer to the Check Point web site for further information at:\u003cbr\u003e\n \u003ca HREF=\"http://www.checkpoint.com/techsupport/alerts/tcp_dos.html\"\u003e\n http://www.checkpoint.com/techsupport/alerts/tcp_dos.html\u003c/a\u003e.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n \u003cu\u003e\u003ca name=\"cisco\"\u003e\u003c/a\u003eCisco\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n \u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n Cisco Systems is addressing the vulnerabilities identified by NISCC \n Vulnerability Advisory 236929 across its entire product line.\u0026nbsp; Cisco \n has released two related advisories:\u003cbr\u003e\n \u003cbr\u003e\n TCP Vulnerabilities in Multiple IOS-Based Cisco Products\u003cbr\u003e\n \u003ca href=\"http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\"\u003ehttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\u003c/a\u003e\u003cbr\u003e\n \u003cbr\u003e\n TCP Vulnerabilities in Multiple Non-IOS Cisco Products\u003cbr\u003e\n \u003ca href=\"http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml\"\u003ehttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n \u003cu\u003e\u003ca name=\"cray\"\u003e\u003c/a\u003eCray Inc\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eCray Inc. is vulnerable on their UNICOS, \n UNICOS/mk and UNICOS/mp systems.\u0026nbsp; Spr\u0027s have been opened to track this \n issue.\u0026nbsp; Please contact your local Cray Service Representative for more \n information.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n \u003cu\u003e\u003ca name=\"hitachi\"\u003e\u003c/a\u003eHitachi\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n \u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n Hitachi is investigating the potential impact to Hitachi\u0027s products.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n \u003cu\u003e\u003ca name=\"innovaphone\"\u003e\u003c/a\u003eInnovaphone\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003e\n Not vulnerable.\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n \u003cu\u003e\u003ca name=\"iij\"\u003e\u003c/a\u003eInternet Initiative Japan, Inc (IIJ)\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n \u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n IIJ will release a new firmware to fix this vulnerability.\u0026nbsp; Details are \n available on their web site at\n \u003ca href=\"http://www.seil.jp/en/ann/announce_en_20040421_01.txt\"\u003e\n http://www.seil.jp/en/ann/announce_en_20040421_01.txt\u003c/a\u003e.\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n \u003cu\u003e\u003ca name=\"interniche\"\u003e\u003c/a\u003eInterNiche\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003e=== NicheStack v2.0 TCP/IP ===\u003cbr\u003e\n \u003cbr\u003e\n InterNiche Technologies has updated its \n NicheStack v2.0 TCP/IP product to handle the scenarios described in NISCC \n Vulnerability Notice #236929.\u0026nbsp;\n The patch is available to all InterNiche customers in accordance with the \n terms of their current support agreements.\u003cbr\u003e\n \u003cbr\u003e\n More information can be found on \u003ca href=\"http://www.iNiche.com\"\u003ewww.iNiche.com\u003c/a\u003e or through \n \u003ca href=\"mailto:support@iNiche.com\"\u003esupport@iNiche.com\u003c/a\u003e\n \u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\n === NicheLite v2.0 TCP/IP ===\u003cbr\u003e\n \u003cbr\u003e\n InterNiche Technologies has updated its \n NicheLite v2.0 TCP/IP product to handle the scenarios described in NISCC \n Vulnerability Notice #236929.\u0026nbsp;\n The patch is available to all InterNiche customers in accordance with the \n terms of their current support agreements. \u003cbr\u003e\n \u003cbr\u003e\n More information can be found on \u003ca href=\"http://www.iNiche.com\"\u003ewww.iNiche.com\u003c/a\u003e or through \n \u003ca href=\"mailto:support@iNiche.com\"\u003esupport@iNiche.com\u003c/a\u003e \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n \u003cu\u003e\u003ca name=\"juniper\"\u003e\u003c/a\u003e\n Juniper Networks\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n \u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n Juniper Networks products are susceptible to this vulnerability. Customers\n should contact Juniper Networks Technical Assistance Center for availability and\n download instructions.\u003cbr\u003e\n \u003cbr\u003eAdditional information is posted on our web site at\n \u003ca href=\"https://www.juniper.net/support\"\u003ehttps://www.juniper.net/support\u003c/a\u003e. \u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n \u003cu\u003e\u003ca name=\"lucent\"\u003e\u003c/a\u003eLucent Technologies\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eLucent Technologies is aware of this \n vulnerability advisory and is investigating any potential impact to its \n product portfolio. As further information becomes available, Lucent will \n provide information directly to its customers, if appropriate.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n \u003cu\u003e\u003ca name=\"mitel\"\u003e\u003c/a\u003eMitel Networks\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n \u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n Mitel is aware of the vulnerability and is \n working with the vendors of our underlying networking software to assess the \n impact and, if necessary, determine potential solutions. When more \n information becomes available, an advisory will be issued. Please contact \u0027\u003ca href=\"mailto:security@mitel.com\"\u003esecurity@mitel.com\u003c/a\u003e\u0027 \n if you have specific questions.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n \u003cu\u003e\u003ca name=\"mrlg\"\u003e\u003c/a\u003eMRLG\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eA new version of the Multi-Router Looking Glass tool (4.3.0) has been released.\u0026nbsp; \n This includes a patch that prevents a remote user from utilising the \u0026quot;sh ip \n bgp neighbors\u0026quot; functionality.\u0026nbsp; This new version is available from\n \u003ca href=\"ftp://ftp.enterzone.net/looking-glass/CURRENT/\"\u003e\n ftp://ftp.enterzone.net/looking-glass/CURRENT/\u003c/a\u003e. \u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n \u003cu\u003e\u003ca name=\"nec\"\u003e\u003c/a\u003eNEC\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n \u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n NEC is aware of this vulnerability and is trying to determine potential \n impacts on our products.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n \u003cu\u003e\u003ca name=\"nortel\"\u003e\u003c/a\u003eNortel Networks\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eNortel Networks has evaluated this issue and testing has confirmed that it \n is possible to successfully exploit this vulnerability. However, the \n preconditions for a successful exploitation require levels of access to the \n network that are unlikely to be achieved in a normal network operating \n environment; furthermore, such levels of access would enable other forms of \n attack with much greater impact than that achievable by exploiting this \n vulnerability.\u003cbr\u003e\n \u003cbr\u003e\n Nortel Networks is continuing to validate that this \n vulnerability has no serious consequences for Nortel equipment, and will \n update this statement periodically.\u003c/td\u003e\n \u003c/tr\u003e\n\n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n \u003cu\u003e\u003ca name=\"polycom\"\u003e\u003c/a\u003ePolycom\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n \u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n Polycom has investigated the potential \n impact to our products for NISCC Advisory 236929.\u003cbr\u003e\n \u003cbr\u003e\n Specific product information will be provided at\n \u003ca HREF=\"http://www.polycom.com/securitycenter\"\u003e\n http://www.polycom.com/securitycenter\u003c/a\u003e.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n \u003cu\u003e\u003ca name=\"seccomp\"\u003e\u003c/a\u003eSecure Computing Corporation\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eThe Sidewinder and Sidewinder G2 firewalls offer protection against this \n attack at all releases. As application-layer firewalls, Sidewinder and \n Sidewinder G2 offer protection to systems behind the firewall as well as \n protecting management connections to the firewall.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n \u003cu\u003e\u003ca name=\"yamaha\"\u003e\u003c/a\u003eYamaha\u003c/u\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n \u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n Pending.\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003c/table\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eAcknowledgements\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nNISCC wishes to thank the following:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"6\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber3\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"197%\"\u003eSteve Bellovin, Rob Thomas and Paul Watson for their \n contributions to this advisory.\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"197%\"\u003eCisco Systems Inc. and Juniper Networks Inc. for their help \n with the content of this advisory and for their support during the \n disclosure process.\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n \u003ctd width=\"197%\"\u003eJPCERT/CC for their assistance in co-ordinating this disclosure \n in Japan.\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eReferences\u003c/b\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber7\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eInternet Engineering Task Force\u003c/b\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 793 Transmission Control Protocol\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc793.txt\"\u003e\n http://www.ietf.org/rfc/rfc793.txt\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 1323 TCP Extensions for High Performance\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc1323.txt\"\u003e\n http://www.ietf.org/rfc/rfc1323.txt\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 1771 A Border Gateway Protocol 4 (BGP-4)\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc1771.txt\"\u003e\n http://www.ietf.org/rfc/rfc1771.txt\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 2385 Protection of BGP Sessions via the TCP \n MD5 Signature Option\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc2385.txt\"\u003e\n http://www.ietf.org/rfc/rfc2385.txt\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 2827 Network Ingress Filtering\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc2827.txt\"\u003e\n http://www.ietf.org/rfc/rfc2827.txt\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 3562 Considerations for the TCP MD5 \n Signature Option\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc3562.txt\"\u003e\n http://www.ietf.org/rfc/rfc3562.txt\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 3682 Generalized TTL Security Mechanism\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc3682.txt\"\u003e\n http://www.ietf.org/rfc/rfc3682.txt\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eInternet Draft - Transmission Control Protocol \n security considerations\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\n \u003ca href=\"http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\"\u003e\n http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eNISCC\u003c/b\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eBest Practice Guidelines - Border Gateway \n Protocol\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\n \u003ca href=\"http://www.niscc.gov.uk/BGP%20Filtering%20Guide.pdf\"\u003e\n http://www.niscc.gov.uk/BGP Filtering Guide.pdf\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eConfiguration and Tuning Guides\u003c/b\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eSecure BGP Template for Cisco IOS\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\n \u003ca href=\"http://www.cymru.com/Documents/secure-bgp-template.html\"\u003e\n http://www.cymru.com/Documents/secure-bgp-template.html\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eJUNOS Secure BGP Template\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\n \u003ca href=\"http://www.qorbit.net/documents/junos-bgp-template.pdf\"\u003e\n http://www.qorbit.net/documents/junos-bgp-template.pdf\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eUNIX IP Stack Tuning Guide\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\n \u003ca href=\"http://www.cymru.com/Documents/ip-stack-tuning.html\"\u003e\n http://www.cymru.com/Documents/ip-stack-tuning.html\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eOther Documents\u003c/b\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eSANS discussion on egress filtering\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.sans.org/y2k/egress.htm\"\u003e\n http://www.sans.org/y2k/egress.htm\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eVulnerability Databases\u003c/b\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eCommon Vulnerabilities and Exposures (CVE)\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\n \u003ca href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230\"\u003e\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"96%\" colspan=\"2\"\u003eOpen Source Vulnerability Database (OSVDB)\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"94%\"\u003e\n \u003ca href=\"http://www.osvdb.org/displayvuln.php?osvdb_id=4030\"\u003e\n http://www.osvdb.org/displayvuln.php?osvdb_id=4030\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eContact Information\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nThe NISCC Vulnerability Management Team can be contacted as follows:\u003cbr\u003e\n\n\u003c/p\u003e\n\n\u003c/p\u003e\n\n\u003ctable border=\"1\" width=\"87%\" cellspacing=\"3\" cellpadding=\"5\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"30%\" valign=\"top\"\u003eEmail\u003c/td\u003e\n \u003ctd width=\"70%\"\u003e\u003ca href=\"mailto:vulteam@niscc.gov.uk\"\u003evulteam@niscc.gov.uk\u003c/a\u003e\n \u003cbr\u003e\u003ci\u003e(Please quote the advisory reference in the subject line.)\u003c/i\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"30%\" valign=\"top\"\u003eTelephone\u003c/td\u003e\n \u003ctd width=\"70%\"\u003e +44 (0)20 7821 1330 Extension 4511\n \u003cbr\u003e\u003ci\u003e(Monday to Friday 08:30 - 17:00)\u003c/i\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"30%\" valign=\"top\"\u003eFax\u003c/td\u003e\n \u003ctd width=\"70%\"\u003e +44 (0)20 7821 1686\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd width=\"30%\" valign=\"top\"\u003ePost\u003c/td\u003e\n \u003ctd width=\"70%\"\u003e Vulnerability Management Team\u003cbr\u003e\n NISCC\u003cbr\u003e\n PO Box 832\u003cbr\u003e\n London\u003cbr\u003e\n SW1P 1BG\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003cbr\u003e\nWe encourage those who wish to communicate via email to make use of our PGP key. This is available from \u003ca href=\"http://www.uniras.gov.uk/UNIRAS.asc\"\u003ehttp://www.uniras.gov.uk/UNIRAS.asc\u003c/a\u003e.\u003cbr\u003e\n\u003cbr\u003e\nPlease note that UK government protectively marked material should not be sent to the email address above.\u003cbr\u003e\n\u003cbr\u003e\nIf you wish to be added to our email distribution list, please email your request to \u003ca href=\"mailto:uniras@niscc.gov.uk\"\u003euniras@niscc.gov.uk\u003c/a\u003e.\u003cbr\u003e\n\n\n\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003e\nWhat is NISCC?\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nFor further information regarding the UK National Infrastructure Security Co-Ordination Centre, please visit the NISCC web site at:\n\u003cbr\u003e\n\u003ca href=\"http://www.niscc.gov.uk/aboutniscc/index.htm\"\u003ehttp://www.niscc.gov.uk/aboutniscc/index.htm\u003c/a\u003e\u003cbr\u003e\n\u003cbr\u003e\nReference to any specific commercial product, process or service by trade name, trademark manufacturer or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by NISCC. The views and opinions of authors expressed within this notice shall not be used for advertising\nor product endorsement purposes.\u003cbr\u003e\n\u003cbr\u003e\nNeither shall NISCC accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this notice.\u003cbr\u003e\n\u003cbr\u003e\n\\xa9 2004 Crown Copyright\u003cbr\u003e\n\u003cbr\u003e\nRevision History\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" width=\"100%\"\u003e\n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u003cfont size=\"2\"\u003eApril 20\u003c/font\u003e\u003cSMALL\u003e, 2004:\n\u003c/SMALL\u003e\n \u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cSMALL\u003e\n Initial release (1.0)\u003c/SMALL\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u003cfont size=\"2\"\u003eApril 21, 2004:\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eCorrected hyperlinks (1.1)\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Cisco (1.1)\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Mitel (1.1)\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted MRLG patch reference (1.2)\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u003cfont size=\"2\"\u003eApril 22, 2004:\u003c/font\u003e\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eRevised impact statement for Certicom (1.3)\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Nortel Networks (1.3)\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Secure Computing Corporation (1.3)\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted references section (1.4)\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003ctr\u003e\n \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Lucent Technologies (1.4)\u003c/font\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \n \u003c/table\u003e\n\n\n\n\u003cbr\u003e\n\u0026lt;End of NISCC Vulnerability Advisory\u003e\u003cbr\u003e\n\u003c/div\u003e\n\u003c/body\u003e\n\n\u003c/html\u003e. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-14:19.tcp Security Advisory\n The FreeBSD Project\n\nTopic: Denial of Service in TCP packet processing\n\nCategory: core\nModule: inet\nAnnounced: 2014-09-16\nCredits: Jonathan Looney (Juniper SIRT)\nAffects: All supported versions of FreeBSD. \nCorrected: 2014-09-16 09:48:35UTC (stable/10, 10.1-PRERELEASE)\n 2014-09-16 09:48:35 UTC (stable/10, 10.1-BETA1-p1)\n 2014-09-16 09:50:19 UTC (releng/10.0, 10.0-RELEASE-p9)\n 2014-09-16 09:49:11 UTC (stable/9, 9.3-STABLE)\n 2014-09-16 09:50:19 UTC (releng/9.3, 9.3-RELEASE-p2)\n 2014-09-16 09:50:19 UTC (releng/9.2, 9.2-RELEASE-p12)\n 2014-09-16 09:50:19 UTC (releng/9.1, 9.1-RELEASE-p19)\n 2014-09-16 09:49:11 UTC (stable/8, 8.4-STABLE)\n 2014-09-16 09:50:19 UTC (releng/8.4, 8.4-RELEASE-p16)\nCVE Name: CVE-2004-0230\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. New TCP connections are initiated using special SYN\nflag in a datagram. Sequencing of data is controlled by 32-bit sequence\nnumbers, that start with a random value and are increased using modulo\n2**32 arithmetic. In case one of the two port numbers is unknown, a successful\nattack requires less than 2**17 packets spoofed, which can be\ngenerated within less than a second on a decent connection to the\nInternet. Workaround\n\nIt is possible to defend against these attacks with stateful traffic\ninspection using a firewall. This can be done by enabling pf(4) on\nthe system and creating states for every connection. Even a default\nruleset to allow all traffic would be sufficient to mitigate this\nissue. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch.asc\n# gpg --verify tcp.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile your kernel as described in\n\u003cURL:http://www.FreeBSD.org/handbook/kernelconfig.html\u003e and reboot the\nsystem. \n\n3) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r271668\nreleng/8.4/ r271669\nstable/9/ r271668\nreleng/9.1/ r271669\nreleng/9.2/ r271669\nreleng/9.3/ r271669\nstable/10/ r271667\nreleng/10.0/ r271669\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:http://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0230"
},
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000150"
},
{
"db": "BID",
"id": "10183"
},
{
"db": "VULHUB",
"id": "VHN-8660"
},
{
"db": "VULMON",
"id": "CVE-2004-0230"
},
{
"db": "PACKETSTORM",
"id": "37558"
},
{
"db": "PACKETSTORM",
"id": "33143"
},
{
"db": "PACKETSTORM",
"id": "33160"
},
{
"db": "PACKETSTORM",
"id": "33159"
},
{
"db": "PACKETSTORM",
"id": "33152"
},
{
"db": "PACKETSTORM",
"id": "128284"
}
],
"trust": 3.33
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=24033",
"trust": 0.7,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-8660",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8660"
},
{
"db": "VULMON",
"id": "CVE-2004-0230"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0230",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#415294",
"trust": 2.9
},
{
"db": "BID",
"id": "10183",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA04-111A",
"trust": 2.3
},
{
"db": "OSVDB",
"id": "4030",
"trust": 2.1
},
{
"db": "MCAFEE",
"id": "SB10053",
"trust": 1.5
},
{
"db": "SECUNIA",
"id": "11458",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "11440",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "22341",
"trust": 1.2
},
{
"db": "JUNIPER",
"id": "JSA10638",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2006-3983",
"trust": 1.2
},
{
"db": "XF",
"id": "15886",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000150",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200408-159",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "7605",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1795",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "33159",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "33152",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "33160",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "33143",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "24033",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "33202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33185",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33153",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33172",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33174",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33171",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33243",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33182",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "942",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "276",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "24031",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "24032",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "24030",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "291",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-77770",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-77769",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-77768",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-77771",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-18409",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-8660",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2004-0230",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "15263",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37558",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#498440",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128284",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "VULHUB",
"id": "VHN-8660"
},
{
"db": "VULMON",
"id": "CVE-2004-0230"
},
{
"db": "BID",
"id": "10183"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000150"
},
{
"db": "PACKETSTORM",
"id": "37558"
},
{
"db": "PACKETSTORM",
"id": "33143"
},
{
"db": "PACKETSTORM",
"id": "33160"
},
{
"db": "PACKETSTORM",
"id": "33159"
},
{
"db": "PACKETSTORM",
"id": "33152"
},
{
"db": "PACKETSTORM",
"id": "128284"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-159"
},
{
"db": "NVD",
"id": "CVE-2004-0230"
}
]
},
"id": "VAR-200408-0145",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8660"
}
],
"trust": 0.6903899829411765
},
"last_update_date": "2024-07-23T20:13:17.983000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "TCP RFC Alert",
"trust": 0.8,
"url": "http://www.checkpoint.com/services/techsupport/alerts/tcp_dos.html"
},
{
"title": "cisco-sa-20040420-tcp-nonios",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml"
},
{
"title": "cisco-sa-20040420-tcp-ios",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"
},
{
"title": "HPSBGN01041",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbgn01041"
},
{
"title": "IY62006",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy62006"
},
{
"title": "IY55950",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy55950"
},
{
"title": "IY55949",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy55949"
},
{
"title": "TCP \u30d7\u30ed\u30c8\u30b3\u30eb\u306e\u8106\u5f31\u6027\u306b\u3088\u308b SEIL \u30b7\u30ea\u30fc\u30ba\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.seil.jp/ann/announce_20040421_01.txt"
},
{
"title": "58784",
"trust": 0.8,
"url": "http://www.juniper.net/support/security/alerts/niscc-236929.txt"
},
{
"title": "MS06-064",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"title": "NV04-001",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv04-001.html"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html"
},
{
"title": "RT\u30b7\u30ea\u30fc\u30ba\u306eTCP\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/tcpip/cert-ta04-111a.html"
},
{
"title": "\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u60c5\u5831\uff082004\u5e747\u670820\u65e5\uff09",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/storage/diskarray/techsupport/sec_info/sec_20040423-1.html"
},
{
"title": "\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u60c5\u5831\uff082004\u5e744\u670828\u65e5\uff09",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/storage/diskarray/techsupport/sec_info/sec_20040423-2.html"
},
{
"title": "January 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2015_critical_patch_update"
},
{
"title": "TCP\u306b\u6f5c\u5728\u3059\u308b\u8106\u5f31\u6027 (2004\u5e7410\u67087\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_sd_200402.html"
},
{
"title": "SYM05-008",
"trust": 0.8,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html"
},
{
"title": "cisco-sa-20040420-tcp-nonios",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20040420-tcp-nonios-j.shtml"
},
{
"title": "cisco-sa-20040420-tcp-ios",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20040420-tcp-ios-j.shtml"
},
{
"title": "SYM05-008",
"trust": 0.8,
"url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.05.02.html"
},
{
"title": "TCP RFC\u306b\u95a2\u3059\u308bAlert",
"trust": 0.8,
"url": "http://www.checkpoint.co.jp/techsupport/alerts/tcp_rfc_alert.html"
},
{
"title": "TCP \u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20040421.html"
},
{
"title": "\u300cTCP \u30d7\u30ed\u30c8\u30b3\u30eb\u306b\u6f5c\u5728\u3059\u308b\u4fe1\u983c\u6027\u306e\u554f\u984c\u300d\u306b\u95a2\u3059\u308b\u88fd\u54c1\u306e\u5bfe\u5fdc\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/secureplaza/html/hirt/20040422.html"
},
{
"title": "MS06-064",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms06-064.mspx"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms05-019.mspx"
},
{
"title": "[\u304a\u77e5\u3089\u305b] TCP\u306b\u6f5c\u5728\u3059\u308b\u8106\u5f31\u6027\u3078\u306e\u5bfe\u5fdc\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/cert/236929_tcp.html"
},
{
"title": "Cisco: TCP Vulnerabilities in Multiple Non-IOS Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20040420-tcp-nonios"
},
{
"title": "Cisco: TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20040420-tcp-ios"
},
{
"title": "Fortinet Security Advisories: CVE-2004-0230 Blind Reset Attack Using the RST/SYN Bit",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=fg-ir-16-039"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "ips-assessment-reports",
"trust": 0.1,
"url": "https://github.com/gabrieljcs/ips-assessment-reports "
},
{
"title": "dsm_ips",
"trust": 0.1,
"url": "https://github.com/biswajitde/dsm_ips "
},
{
"title": "rhsecapi",
"trust": 0.1,
"url": "https://github.com/redhatofficial/rhsecapi "
},
{
"title": "cve-pylib",
"trust": 0.1,
"url": "https://github.com/redhatproductsecurity/cve-pylib "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2004-0230"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000150"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0230"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/10183"
},
{
"trust": 2.3,
"url": "http://www.us-cert.gov/cas/techalerts/ta04-111a.html"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/415294"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.5,
"url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm"
},
{
"trust": 1.4,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10053"
},
{
"trust": 1.4,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0230"
},
{
"trust": 1.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"
},
{
"trust": 1.2,
"url": "http://kb.juniper.net/jsa10638"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"trust": 1.2,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
},
{
"trust": 1.2,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2004-006.txt.asc"
},
{
"trust": 1.2,
"url": "http://www.osvdb.org/4030"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2689"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a270"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a3508"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4791"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5711"
},
{
"trust": 1.2,
"url": "ftp://ftp.sco.com/pub/updates/unixware/scosa-2005.14/scosa-2005.14.txt"
},
{
"trust": 1.2,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2005.3/scosa-2005.3.txt"
},
{
"trust": 1.2,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2005.9/scosa-2005.9.txt"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/11440"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/11458"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/22341"
},
{
"trust": 1.2,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-a.asc"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2"
},
{
"trust": 1.1,
"url": "http://xforce.iss.net/xforce/alerts/id/170"
},
{
"trust": 0.8,
"url": "http://www.uniras.gov.uk/niscc/docs/al-20040420-00199.html?lang=en"
},
{
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20040420-00391.pdf"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3562.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2385.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc1323.txt"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/o-124.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0230"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20040420-00391.xml"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr041702.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2004/at040003.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-236929/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta04-111a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta04-111a"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20040420-00391.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/15886"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/tcp_170.html"
},
{
"trust": 0.6,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a008021ba2f.shtml"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/7605"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1795/"
},
{
"trust": 0.4,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-097_scasa-2005-14.pdf"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0230"
},
{
"trust": 0.3,
"url": "http://www.seil.jp/en/ann/announce_en_20040421_01.txt"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-217.htm"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy55949"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy55950"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy62006"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_tcp_can-2004-0230.html"
},
{
"trust": 0.3,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/support/alert.html"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/alerts/tcp_dos.html"
},
{
"trust": 0.3,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-14:19.tcp.asc"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101006870"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/5706/security-advisory-alienvault-v5-1-addresses-6-vulnerabilities"
},
{
"trust": 0.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml."
},
{
"trust": 0.2,
"url": "http://www.cisco.com/warp/public/707/"
},
{
"trust": 0.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml."
},
{
"trust": 0.2,
"url": "http://www.cisco.com/go/psirt."
},
{
"trust": 0.2,
"url": "http://www.cisco.com."
},
{
"trust": 0.2,
"url": "http://www.cisco.com/warp/public/687/directory/dirtac.shtml"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108302060014745\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10053"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108506952116653\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/tcp-seq-num-approximation"
},
{
"trust": 0.1,
"url": "https://github.com/gabrieljcs/ips-assessment-reports"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/24033/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/11440/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4586/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/15263/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/415294#systems."
},
{
"trust": 0.1,
"url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm\u003e."
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/498440)"
},
{
"trust": 0.1,
"url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm)"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2001-09.html\u003e),"
},
{
"trust": 0.1,
"url": "http://www.cymru.com/\u003e)."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm\u003e"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc0793.txt."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/ps1835"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/ps1828/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml,"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml,"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/ps1835/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc0793.txt"
},
{
"trust": 0.1,
"url": "http://www.qorbit.net/documents/junos-bgp-template.pdf\"\u003ehttp://www.qorbit.net/documents/junos-bgp-template.pdf"
},
{
"trust": 0.1,
"url": "http://www.ietf.org\"\u003ethe"
},
{
"trust": 0.1,
"url": "http://www.cymru.com/documents/ip-stack-tuning.html\"\u003ehttp://www.cymru.com/documents/ip-stack-tuning.html"
},
{
"trust": 0.1,
"url": "http://www.polycom.com/securitycenter\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.cymru.com/documents/secure-bgp-template.html\"\u003ehttp://www.cymru.com/documents/secure-bgp-template.html"
},
{
"trust": 0.1,
"url": "http://www.cymru.com/documents/secure-bgp-template.html\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc793.txt\"\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cve\"\u003ecve\u003c/a\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc2827.txt\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc3682.txt\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.osvdb.org\"\u003eopen"
},
{
"trust": 0.1,
"url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm\"\u003ehttp://www.uniras.gov.uk/vuls/2004/236929/index.htm\u003c/a\u003e\u003cbr\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc0793.txt\"\u003erfc"
},
{
"trust": 0.1,
"url": "http://www.niscc.gov.uk/aboutniscc/index.htm\"\u003ehttp://www.niscc.gov.uk/aboutniscc/index.htm\u003c/a\u003e\u003cbr\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1323.txt\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.niscc.gov.uk/bgp%20filtering%20guide.pdf\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030\"\u003e4030\u003c/a\u003e.\u003cbr\u003e"
},
{
"trust": 0.1,
"url": "http://www.qorbit.net/documents/junos-bgp-template.pdf\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.niscc.gov.uk/images/newtitle.gif\""
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1323.txt\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc3562.txt\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml\"\u003ehttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.cymru.com/documents/secure-bgp-template.html\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc3562.txt\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.sans.org/y2k/egress.htm\"\u003ehttp://www.sans.org/y2k/egress.htm\u003c/a\u003e.\u003cbr\u003e"
},
{
"trust": 0.1,
"url": "http://www.sans.org/y2k/egress.htm\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.niscc.gov.uk/bgp"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc2385.txt\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.polycom.com/securitycenter\u003c/a\u003e.\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.cymru.com/documents/ip-stack-tuning.html\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.niscc.gov.uk/bgp%20filtering%20guide.pdf\"\u003ehttp://www.niscc.gov.uk/bgp"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1771.txt\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.uniras.gov.uk/uniras.asc\"\u003ehttp://www.uniras.gov.uk/uniras.asc\u003c/a\u003e.\u003cbr\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230\"\u003ecan-2004-0230\u003c/a\u003e.\u003cbr\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc2385.txt\"\u003erfc"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc2385.txt\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1323.txt\"\u003erfc"
},
{
"trust": 0.1,
"url": "http://www.checkpoint.com/techsupport/alerts/tcp_dos.html\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.seil.jp/en/ann/announce_en_20040421_01.txt\u003c/a\u003e.\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc793.txt\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.jpcert.or.jp\"\u003ejpcert/cc\u003c/a\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc2827.txt\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc2827.txt\"\u003erfc"
},
{
"trust": 0.1,
"url": "http://www.iniche.com\"\u003ewww.iniche.com\u003c/a\u003e"
},
{
"trust": 0.1,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.seil.jp/en/ann/announce_en_20040421_01.txt\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.qorbit.net/documents/junos-bgp-template.pdf\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.sans.org/y2k/egress.htm\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.checkpoint.com/techsupport/alerts/tcp_dos.html\u003c/a\u003e.\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1771.txt\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\"\u003ehttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\u003c/a\u003e\u003cbr\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc3682.txt\u003c/a\u003e\u003c/td\u003e"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc3562.txt\"\u003erfc"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\"\u003ehttp://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\u003c/a\u003e\u003cbr\u003e"
},
{
"trust": 0.1,
"url": "http://www.cymru.com/documents/ip-stack-tuning.html\"\u003e"
},
{
"trust": 0.1,
"url": "https://www.juniper.net/support\"\u003ehttps://www.juniper.net/support\u003c/a\u003e."
},
{
"trust": 0.1,
"url": "http://www.jpcert.or.jp/at/2004/at040003.txt\"\u003ehttp://www.jpcert.or.jp/at/2004/at040003.txt\u003c/a\u003e.\u003c/font\u003e\u003c/i\u003e\u003cbr\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0230\u003e"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "http://www.freebsd.org/handbook/kernelconfig.html\u003e"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:19/tcp.patch"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:19/tcp.patch.asc"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/advisories/freebsd-sa-14:19.tcp.asc\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0230"
},
{
"trust": 0.1,
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "VULHUB",
"id": "VHN-8660"
},
{
"db": "VULMON",
"id": "CVE-2004-0230"
},
{
"db": "BID",
"id": "10183"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000150"
},
{
"db": "PACKETSTORM",
"id": "37558"
},
{
"db": "PACKETSTORM",
"id": "33143"
},
{
"db": "PACKETSTORM",
"id": "33160"
},
{
"db": "PACKETSTORM",
"id": "33159"
},
{
"db": "PACKETSTORM",
"id": "33152"
},
{
"db": "PACKETSTORM",
"id": "128284"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-159"
},
{
"db": "NVD",
"id": "CVE-2004-0230"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "VULHUB",
"id": "VHN-8660"
},
{
"db": "VULMON",
"id": "CVE-2004-0230"
},
{
"db": "BID",
"id": "10183"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000150"
},
{
"db": "PACKETSTORM",
"id": "37558"
},
{
"db": "PACKETSTORM",
"id": "33143"
},
{
"db": "PACKETSTORM",
"id": "33160"
},
{
"db": "PACKETSTORM",
"id": "33159"
},
{
"db": "PACKETSTORM",
"id": "33152"
},
{
"db": "PACKETSTORM",
"id": "128284"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-159"
},
{
"db": "NVD",
"id": "CVE-2004-0230"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-04-20T00:00:00",
"db": "CERT/CC",
"id": "VU#415294"
},
{
"date": "2004-08-18T00:00:00",
"db": "VULHUB",
"id": "VHN-8660"
},
{
"date": "2004-08-18T00:00:00",
"db": "VULMON",
"id": "CVE-2004-0230"
},
{
"date": "2004-04-20T00:00:00",
"db": "BID",
"id": "10183"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000150"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37558"
},
{
"date": "2004-04-23T05:59:41",
"db": "PACKETSTORM",
"id": "33143"
},
{
"date": "2004-04-22T07:16:00",
"db": "PACKETSTORM",
"id": "33160"
},
{
"date": "2004-04-22T07:14:00",
"db": "PACKETSTORM",
"id": "33159"
},
{
"date": "2004-04-22T02:04:00",
"db": "PACKETSTORM",
"id": "33152"
},
{
"date": "2014-09-17T15:58:15",
"db": "PACKETSTORM",
"id": "128284"
},
{
"date": "2004-08-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-159"
},
{
"date": "2004-08-18T04:00:00",
"db": "NVD",
"id": "CVE-2004-0230"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-05-01T00:00:00",
"db": "CERT/CC",
"id": "VU#415294"
},
{
"date": "2018-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-8660"
},
{
"date": "2018-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2004-0230"
},
{
"date": "2015-08-12T22:24:00",
"db": "BID",
"id": "10183"
},
{
"date": "2015-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000150"
},
{
"date": "2020-05-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-159"
},
{
"date": "2018-10-19T15:30:05.173000",
"db": "NVD",
"id": "CVE-2004-0230"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "33143"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-159"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements",
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-159"
}
],
"trust": 0.6
}
}
VAR-201901-0389
Vulnerability from variot - Updated: 2024-07-23 20:11BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1. BIND 9 Includes remote service disruption ( DoS ) Is possible, and there are vulnerabilities due to imperfect implementation. BIND 9 Has an error in the order of cleanup processing in iterative search. As a result, freed memory usage (use-after-free) by assertion failure Occurs, named May end abnormally.Service disruption by a remote third party (DoS) attack (named Stop ) May be done. ISC BIND is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. =========================================================================== Ubuntu Security Notice USN-3535-2 January 17, 2018
bind9 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Bind could be made to crash if it received specially crafted network traffic. This update provides the corresponding update for Ubuntu 12.04 ESM.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: bind9=C2=A01:9.8.1.dfsg.P1-4ubuntu0.24
In general, a standard system update will make all the necessary changes. 7.2) - noarch, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bind security update Advisory ID: RHSA-2018:0487-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0487 Issue date: 2018-03-12 CVE Names: CVE-2017-3145 =====================================================================
- Summary:
An update for bind is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted automatically.
- Package List:
Red Hat Enterprise Linux HPC Node EUS (v. 6.7):
Source: bind-9.8.2-0.37.rc1.el6_7.12.src.rpm
x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):
x86_64: bind-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.13.src.rpm
x86_64: bind-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.13.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.13.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.8.src.rpm
x86_64: bind-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.8.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.8.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.6):
Source: bind-9.8.2-0.30.rc1.el6_6.10.src.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 6.6):
Source: bind-9.8.2-0.30.rc1.el6_6.10.src.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.7):
Source: bind-9.8.2-0.37.rc1.el6_7.12.src.rpm
i386: bind-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.i686.rpm
ppc64: bind-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.ppc.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm
s390x: bind-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.s390.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.s390x.rpm
x86_64: bind-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.13.src.rpm
x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.13.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.13.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.8.src.rpm
x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.8.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.8.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.6):
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 6.6):
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.7):
i386: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.ppc.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.s390.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-3145 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFapuHoXlSAg2UNWIIRApI5AJ9D6cQ9NxkCATQtDIoJ9SB0ekXKbwCgpOKO viuhqUpM6GkfDjqGPnp9n+E= =nWW0 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7) - aarch64, ppc64le
- A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request.
For the oldstable distribution (jessie), this problem has been fixed in version 1:9.9.5.dfsg-9+deb8u15.
For the stable distribution (stretch), this problem has been fixed in version 1:9.10.3.dfsg.P4-12.3+deb9u4.
We recommend that you upgrade your bind9 packages.
For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/bind9
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlpedglfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QpmhAAi8d529DGMZOzcaRyvyWEa+Hth+CLca5y/4Wugv/BrRjTn+tDzYriNatW wtLQLWZOiyxtPvcQjU+lwxRzSh4r++JorSbTdq6SNSKK1VTe67yCst0n7O5k9jhb G31FXHeXyYjp7JMGPxQ1T6xwvbjpOnI3wwE7LkxZY69Lo/bOLoeiY9BDojdkuexd KK4vPQFkMwrARszjEb3QriCJbkhv8uiCA0vg15cD4zFJJ3yYiB/+sVJScc7jnSwo pxdSSIQrYzRNNN5vqkTV6JHta+fwX3taN4U5Ov7QD3v5NkL/yR53Wv3V2O7jlfLs 0AV2Lhm3CyB2VGp0XzTSIGvUvlROGDmsSvwM+QT+zbg5+7JVu3UI25YpL7faJ5oy MPmj/w+tZkFepxFuRjV8LwSdcP1JtNd9UIN/5ugbOk6R95vse5WXwQKa1eZ6a7X2 3sTwlFC2aN9kLfD51ROzYKb0sJbgu9tEscJYJ6kz77pSA0LZ22K37XHq80z3wuLh xCCS3YEjxVl/Zh+qLmAekZgKih2lWGt5inTstRzcVqzJlJoz1xoLBR7LoEW9sp1R 4XcGxh38QGdpxTs6sr71cRIPr6DpA1tpDt5EOaIw+nIC/t0JxVvbX6V15UYTd6++ X4hS2czq3HAR8J52MlMSjyXrdvp4u6Drta0D/axxa/YAHI5KXWA= =84Lf -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-0389",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.10.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.10.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.9.11"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "18.2r1"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "12.3x48-d70"
},
{
"model": "data ontap edge",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "15.1x49-d140"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.7"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "17.4r2"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.6"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.12.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "18.1r2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.2"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.11"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.0"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.4.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "12.1x46-d76"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.8"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.0.0 from 9.8.x"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.10.0 from 9.10.6"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.10.5-s1 from 9.10.6-s1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.11.0 from 9.11.2"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.12.0a1 from 9.12.0rc1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.9.0 from 9.9.11"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.9.3-s1 from 9.9.11-s1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.2"
},
{
"model": "bind 9.7.0b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.6.2b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"model": "bind 9.10.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.5.2-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind 9.9.10-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.2-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.0b3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "bind 9.7.0b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.5"
},
{
"model": "bind 9.9.7-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.2"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.5"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.0"
},
{
"model": "bind 9.8.3-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s9",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.8.0-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind b3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.9.9-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.1"
},
{
"model": "bind 9.10.4-p6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.10.5-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.6"
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind rc4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind 9.5.2-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "bind 9.9.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.5.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "bind 9.6.2-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind 9.3.5-p2-w2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip aam",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "bind 9.8.6-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.3"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind 9.5.0a7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s8",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind 9.6.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.4"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind 9.9.8-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.11.1"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.10.4-p7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "bind 9.5.0a6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.8"
},
{
"model": "bind 9.10.4-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.7-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.3-b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.0"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.1"
},
{
"model": "bind b3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.1"
},
{
"model": "bind 9.7.4b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6.1"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "big-ip websafe",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind 9.10.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.5"
},
{
"model": "bind beta",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.4"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind 9.12.0rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.5.0-p2-w1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.6"
},
{
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind 9.10.3-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.5"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.6"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "bind 9.7.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.3-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.9.10-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind 9.11.0a3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind 9.9.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.4"
},
{
"model": "bind 9.4.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-s6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.4.2-p2-w2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.3rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind 9.9.9-s10",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.1"
},
{
"model": "bind 9.12.0a1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.5"
},
{
"model": "bind 9.9.9-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.8"
},
{
"model": "bind 9.9.9-s5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6.2"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "bind 9.6.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.1"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.1"
},
{
"model": "bind 9.9.9-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.6"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind 9.9.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.5-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind 9.11.1rc2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.3"
},
{
"model": "bind 9.9.9-p5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind 9.5.0a3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind 9.7.6-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "bind 9.11.2-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.4"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.0"
},
{
"model": "bind 9.9.9-s6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.8"
},
{
"model": "bind 9.8.6-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "bind 9.5.0b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.11.0"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.9"
},
{
"model": "bind 9.9.8-s5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.0-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "bind 9.10.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.6-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "bind 9.6.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.5-b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "bind 9.7.2-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind 9.7.6-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.6"
},
{
"model": "bind 9.8.8-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.5.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "bind 9.8.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind 9.5.3b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.3"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.7"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "big-ip aam",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind 9.5.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.6-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.2"
},
{
"model": "big-ip aam",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.11.2"
},
{
"model": "bind 9.11.0b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.5"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.1"
},
{
"model": "bind 9.5.2b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "bind 9.9.1-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.1"
},
{
"model": "bind 9.10.5rc2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip aam",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.0"
},
{
"model": "bind 9.10.2-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p8",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.8"
},
{
"model": "bind 9.11.0-p5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0rc3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.4"
},
{
"model": "bind 9.10.4-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.5.0b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind 9.9.9-p8",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind 9.5.0a5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10rc3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.6"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "bind 9.10.6-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.2"
},
{
"model": "bind 9.7.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip websafe",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind 9.6.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "big-ip websafe",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "bind 9.7.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.6"
},
{
"model": "bind 9.10.5-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.6-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.4"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind 9.7.0a2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.2"
},
{
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6.1"
},
{
"model": "big-ip websafe",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind 9.9.8-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "bind 9.7.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind 9.9.11-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6.1"
},
{
"model": "bind 9.4.3b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.4.2-p2-w1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "bind 9.9.10b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.2"
},
{
"model": "bind 9.9.4-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "bind 9.9.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind 9.8.4-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind 9.9.9-p7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.2"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.6"
},
{
"model": "bind 9.9.9-s4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.7-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "bind 9.9.1-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind 9.11.1rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind 9.10.5-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.5"
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.3.5-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.11-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.5"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.6"
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "bind 9.9.6-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.7"
},
{
"model": "bind 9.7.0a1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.3"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "bind 9.9.8-s4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "bind 9.11.0-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "bind 9.11.1rc3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.3-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.7"
},
{
"model": "bind 9.7.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "bind 9.9.8rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.9.8-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.6"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "bind 9.9.9-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.6-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind 9.6.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.4"
},
{
"model": "bind 9.6.1-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.2"
},
{
"model": "bind 9.9.9-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.5.0a4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.3.5-p2-w1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind 9.8.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5rc3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.0rc2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip aam",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "bind 9.11.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.4"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.2"
},
{
"model": "bind 9.9.8-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.5.0-p2-w2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.6"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "bind 9.9.6-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind 9.10.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "bind 9.5.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind 9.11.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.3"
},
{
"model": "bind 9.9.11-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.7"
},
{
"model": "bind 9.8.3-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "bind 9.8.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "big-ip websafe",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "bind 9.11.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.3"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "bind 9.11.0b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.0a3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "bind 9.8.5-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "bind p4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.0"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.1"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "14.0"
},
{
"model": "bind 9.9.10rc2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.0"
},
{
"model": "bind 9.9.9-p6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.3-s1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8.5"
}
],
"sources": [
{
"db": "BID",
"id": "102716"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001003"
},
{
"db": "NVD",
"id": "CVE-2017-3145"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.8.8",
"versionStartIncluding": "9.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.12.0:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.12.0:b2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.12.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.12.0:alpha1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.6:s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.11:s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.11.2",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.10.6",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.9.11",
"versionStartIncluding": "9.9.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46-d76:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48-d70:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49-d140:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.4r2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:18.1r2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:18.2r1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3145"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jayachandran Palanisamy of Cygate AB",
"sources": [
{
"db": "BID",
"id": "102716"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-833"
}
],
"trust": 0.9
},
"cve": "CVE-2017-3145",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2018-001003",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-3145",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "security-officer@isc.org",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2018-001003",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3145",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "security-officer@isc.org",
"id": "CVE-2017-3145",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2018-001003",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-833",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-3145",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3145"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001003"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-833"
},
{
"db": "NVD",
"id": "CVE-2017-3145"
},
{
"db": "NVD",
"id": "CVE-2017-3145"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1. BIND 9 Includes remote service disruption ( DoS ) Is possible, and there are vulnerabilities due to imperfect implementation. BIND 9 Has an error in the order of cleanup processing in iterative search. As a result, freed memory usage (use-after-free) by assertion failure Occurs, named May end abnormally.Service disruption by a remote third party (DoS) attack (named Stop ) May be done. ISC BIND is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause denial-of-service conditions. \n===========================================================================\nUbuntu Security Notice USN-3535-2\nJanuary 17, 2018\n\nbind9 vulnerability\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nBind could be made to crash if it received specially crafted network\ntraffic. This update provides\nthe corresponding update for Ubuntu 12.04 ESM. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n bind9=C2=A01:9.8.1.dfsg.P1-4ubuntu0.24\n\nIn general, a standard system update will make all the necessary\nchanges. 7.2) - noarch, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bind security update\nAdvisory ID: RHSA-2018:0487-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:0487\nIssue date: 2018-03-12\nCVE Names: CVE-2017-3145 \n=====================================================================\n\n1. Summary:\n\nAn update for bind is now available for Red Hat Enterprise Linux 6.4\nAdvanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update\nSupport, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat\nEnterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise\nLinux 6.7 Extended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 6.6) - x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically. \n\n5. Package List:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7):\n\nSource:\nbind-9.8.2-0.37.rc1.el6_7.12.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):\n\nx86_64:\nbind-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.13.src.rpm\n\nx86_64:\nbind-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.13.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.13.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.8.src.rpm\n\nx86_64:\nbind-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.8.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.8.i686.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.10.src.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.10.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 6.6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.10.src.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.10.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.7):\n\nSource:\nbind-9.8.2-0.37.rc1.el6_7.12.src.rpm\n\ni386:\nbind-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.12.i686.rpm\n\nppc64:\nbind-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.12.ppc.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.37.rc1.el6_7.12.s390x.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.12.s390x.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390x.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.12.s390.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.12.s390x.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.12.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.13.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.13.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.13.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.8.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.8.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.8.i686.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6):\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.10.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6):\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.10.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7):\n\ni386:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.12.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.12.ppc.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390x.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.12.s390.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.12.s390x.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.12.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-3145\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFapuHoXlSAg2UNWIIRApI5AJ9D6cQ9NxkCATQtDIoJ9SB0ekXKbwCgpOKO\nviuhqUpM6GkfDjqGPnp9n+E=\n=nWW0\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 7) - aarch64, ppc64le\n\n3. A remote attacker could potentially use this flaw to make named,\nacting as a DNSSEC validating resolver, exit unexpectedly with an assertion\nfailure via a specially crafted DNS request. \n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 1:9.9.5.dfsg-9+deb8u15. \n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 1:9.10.3.dfsg.P4-12.3+deb9u4. \n\nWe recommend that you upgrade your bind9 packages. \n\nFor the detailed security status of bind9 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/bind9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlpedglfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0QpmhAAi8d529DGMZOzcaRyvyWEa+Hth+CLca5y/4Wugv/BrRjTn+tDzYriNatW\nwtLQLWZOiyxtPvcQjU+lwxRzSh4r++JorSbTdq6SNSKK1VTe67yCst0n7O5k9jhb\nG31FXHeXyYjp7JMGPxQ1T6xwvbjpOnI3wwE7LkxZY69Lo/bOLoeiY9BDojdkuexd\nKK4vPQFkMwrARszjEb3QriCJbkhv8uiCA0vg15cD4zFJJ3yYiB/+sVJScc7jnSwo\npxdSSIQrYzRNNN5vqkTV6JHta+fwX3taN4U5Ov7QD3v5NkL/yR53Wv3V2O7jlfLs\n0AV2Lhm3CyB2VGp0XzTSIGvUvlROGDmsSvwM+QT+zbg5+7JVu3UI25YpL7faJ5oy\nMPmj/w+tZkFepxFuRjV8LwSdcP1JtNd9UIN/5ugbOk6R95vse5WXwQKa1eZ6a7X2\n3sTwlFC2aN9kLfD51ROzYKb0sJbgu9tEscJYJ6kz77pSA0LZ22K37XHq80z3wuLh\nxCCS3YEjxVl/Zh+qLmAekZgKih2lWGt5inTstRzcVqzJlJoz1xoLBR7LoEW9sp1R\n4XcGxh38QGdpxTs6sr71cRIPr6DpA1tpDt5EOaIw+nIC/t0JxVvbX6V15UYTd6++\nX4hS2czq3HAR8J52MlMSjyXrdvp4u6Drta0D/axxa/YAHI5KXWA=\n=84Lf\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3145"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001003"
},
{
"db": "BID",
"id": "102716"
},
{
"db": "VULMON",
"id": "CVE-2017-3145"
},
{
"db": "PACKETSTORM",
"id": "145956"
},
{
"db": "PACKETSTORM",
"id": "145946"
},
{
"db": "PACKETSTORM",
"id": "146729"
},
{
"db": "PACKETSTORM",
"id": "146731"
},
{
"db": "PACKETSTORM",
"id": "145998"
},
{
"db": "PACKETSTORM",
"id": "145936"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3145",
"trust": 3.4
},
{
"db": "ISC",
"id": "AA-01542",
"trust": 2.0
},
{
"db": "BID",
"id": "102716",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1040195",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU94160143",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001003",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-833",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-3145",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145956",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145946",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146729",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146731",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145998",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145936",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3145"
},
{
"db": "BID",
"id": "102716"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001003"
},
{
"db": "PACKETSTORM",
"id": "145956"
},
{
"db": "PACKETSTORM",
"id": "145946"
},
{
"db": "PACKETSTORM",
"id": "146729"
},
{
"db": "PACKETSTORM",
"id": "146731"
},
{
"db": "PACKETSTORM",
"id": "145998"
},
{
"db": "PACKETSTORM",
"id": "145936"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-833"
},
{
"db": "NVD",
"id": "CVE-2017-3145"
}
]
},
"id": "VAR-201901-0389",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.44401007833333334
},
"last_update_date": "2024-07-23T20:11:00.587000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AXSA:2018-2521:01",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/ja/node/8964"
},
{
"title": "AXSA:2018-2550:01",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/ja/node/8993"
},
{
"title": "CVE-2017-3145: Improper fetch cleanup sequencing in the resolver can cause named to crash",
"trust": 0.8,
"url": "https://kb.isc.org/article/aa-01542"
},
{
"title": "NV18-005",
"trust": 0.8,
"url": "https://jpn.nec.com/security-info/secinfo/nv18-005.html"
},
{
"title": "ISC BIND Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=77998"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20180488 - security advisory"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20180487 - security advisory"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20180101 - security advisory"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20180102 - security advisory"
},
{
"title": "Debian Security Advisories: DSA-4089-1 bind9 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d4392d30ef0d32240af0ee042303799a"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3535-1"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3535-2"
},
{
"title": "Amazon Linux 2: ALAS2-2018-954",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2018-954"
},
{
"title": "Amazon Linux AMI: ALAS-2018-954",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2018-954"
},
{
"title": "Red Hat: CVE-2017-3145",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-3145"
},
{
"title": "Arch Linux Advisories: [ASA-201801-16] bind: denial of service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201801-16"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-3145"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=f32dfd41aa9d3b8bbe5c2d9a27cbdbe6"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=f20bc19459353e30190c7e47d9da0c23"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=525e4e31765e47b9e53b24e880af9d6e"
},
{
"title": "bind9",
"trust": 0.1,
"url": "https://github.com/altinners/bind9 "
},
{
"title": "balabit-os-7-bind9",
"trust": 0.1,
"url": "https://github.com/balabit-deps/balabit-os-7-bind9 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/balabit-deps/balabit-os-8-bind9-libs "
},
{
"title": "os-bind9",
"trust": 0.1,
"url": "https://github.com/pexip/os-bind9 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/balabit-deps/balabit-os-9-bind9-libs "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/pexip/os-bind9-libs "
},
{
"title": "gocarts",
"trust": 0.1,
"url": "https://github.com/tomoyamachi/gocarts "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/nikulinms/13-01-hw "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3145"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001003"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-833"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3145"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/102716"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:0488"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:0487"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:0102"
},
{
"trust": 1.6,
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
},
{
"trust": 1.6,
"url": "https://access.redhat.com/errata/rhsa-2018:0101"
},
{
"trust": 1.6,
"url": "https://www.debian.org/security/2018/dsa-4089"
},
{
"trust": 1.6,
"url": "https://supportportal.juniper.net/s/article/2018-07-security-bulletin-srx-series-vulnerabilities-in-isc-bind-named"
},
{
"trust": 1.6,
"url": "https://kb.isc.org/docs/aa-01542"
},
{
"trust": 1.6,
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1040195"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3145"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3145"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20180118-bind.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2018/at180005.html"
},
{
"trust": 0.8,
"url": "https://www.nic.ad.jp/ja/topics/2018/20180117-01.html"
},
{
"trust": 0.8,
"url": "https://jprs.jp/tech/security/2018-01-17-bind9-vuln-improperly-sequencing-cleanup.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94160143/index.html"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/current-activity/2018/01/16/isc-releases-security-advisories-dhcp-bind"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2017-3145"
},
{
"trust": 0.4,
"url": "https://kb.isc.org/article/aa-01542"
},
{
"trust": 0.3,
"url": "ftp://ftp.isc.org/isc/bind9/9.10.6-p1/patches/cve-2017-3145"
},
{
"trust": 0.3,
"url": "ftp://ftp.isc.org/isc/bind9/9.11.2-p1/patches/cve-2017-3145"
},
{
"trust": 0.3,
"url": "ftp://ftp.isc.org/isc/bind9/9.9.11-p1/patches/cve-2017-3145"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534812"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.3,
"url": "https://support.f5.com/csp/article/k08613310"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://www.ubuntu.com/usn/usn-3535-1"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3535-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.17"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-12.6ubuntu1.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-8ubuntu1.10"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/bind9"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "BID",
"id": "102716"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001003"
},
{
"db": "PACKETSTORM",
"id": "145956"
},
{
"db": "PACKETSTORM",
"id": "145946"
},
{
"db": "PACKETSTORM",
"id": "146729"
},
{
"db": "PACKETSTORM",
"id": "146731"
},
{
"db": "PACKETSTORM",
"id": "145998"
},
{
"db": "PACKETSTORM",
"id": "145936"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-833"
},
{
"db": "NVD",
"id": "CVE-2017-3145"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-3145"
},
{
"db": "BID",
"id": "102716"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001003"
},
{
"db": "PACKETSTORM",
"id": "145956"
},
{
"db": "PACKETSTORM",
"id": "145946"
},
{
"db": "PACKETSTORM",
"id": "146729"
},
{
"db": "PACKETSTORM",
"id": "146731"
},
{
"db": "PACKETSTORM",
"id": "145998"
},
{
"db": "PACKETSTORM",
"id": "145936"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-833"
},
{
"db": "NVD",
"id": "CVE-2017-3145"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-16T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3145"
},
{
"date": "2018-01-16T00:00:00",
"db": "BID",
"id": "102716"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001003"
},
{
"date": "2018-01-18T04:10:51",
"db": "PACKETSTORM",
"id": "145956"
},
{
"date": "2018-01-17T22:24:00",
"db": "PACKETSTORM",
"id": "145946"
},
{
"date": "2018-03-12T10:11:11",
"db": "PACKETSTORM",
"id": "146729"
},
{
"date": "2018-03-12T11:11:11",
"db": "PACKETSTORM",
"id": "146731"
},
{
"date": "2018-01-22T03:05:00",
"db": "PACKETSTORM",
"id": "145998"
},
{
"date": "2018-01-16T23:23:00",
"db": "PACKETSTORM",
"id": "145936"
},
{
"date": "2018-01-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-833"
},
{
"date": "2019-01-16T20:29:00.690000",
"db": "NVD",
"id": "CVE-2017-3145"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-21T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3145"
},
{
"date": "2019-02-14T04:00:00",
"db": "BID",
"id": "102716"
},
{
"date": "2019-08-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001003"
},
{
"date": "2023-06-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-833"
},
{
"date": "2023-06-21T18:19:59.960000",
"db": "NVD",
"id": "CVE-2017-3145"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "145956"
},
{
"db": "PACKETSTORM",
"id": "145946"
},
{
"db": "PACKETSTORM",
"id": "145998"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-833"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISC BIND 9 Service operation interruption (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001003"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-833"
}
],
"trust": 0.6
}
}
VAR-201506-0496
Vulnerability from variot - Updated: 2024-07-23 19:41Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier. OpenSSL is prone to a race-condition security vulnerability. The impact of this issue is currently unknown. We will update this BID when more information emerges. The following are vulnerable: OpenSSL 1.0.2 prior to 1.0.2b OpenSSL 1.0.1 prior to 1.0.1n OpenSSL 1.0.0 prior to 1.0.0s OpenSSL 0.9.8 prior to 0.9.8zg. The following firmware versions of Virtual Connect (VC) are impacted:
HPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45 HPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21
Note: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800, CVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and CVE-2016-2842. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04760669
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04760669 Version: 1
HPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-08-05 Last Updated: 2015-08-05
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running OpenSSL with SSL/TLS enabled.
This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as Logjam which could be exploited remotely resulting in disclosure of information.
References:
CVE-2015-4000: DHE man-in-the-middle protection (Logjam).
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-4000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1793 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided an updated version of OpenSSL to resolve this vulnerability.
A new B.11.31 depot for OpenSSL_A.01.00.01p is available here:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =OPENSSL11I
MANUAL ACTIONS: Yes - Update
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.31
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.01.00.01p or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 5 August 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAlXCSD4ACgkQ4B86/C0qfVlKnQCg5XcK1amrTACEyDY3QtJF75u2 L90AnAgGXxSCZgBVzDQCAezbHbrHPwtg =74KM -----END PGP SIGNATURE----- .
Background
OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security as well as a general purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.1o >= 0.9.8z_p7 >= 1.0.1o
Description
Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 1.0.1 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1o"
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8z_p7"
References
[ 1 ] CVE-2014-8176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8176 [ 2 ] CVE-2015-1788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1788 [ 3 ] CVE-2015-1789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1789 [ 4 ] CVE-2015-1790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1790 [ 5 ] CVE-2015-1791 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1791 [ 6 ] CVE-2015-1792 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1792 [ 7 ] CVE-2015-4000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4000
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201506-02
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
References:
- CVE-2014-8176 - Remote Denial of Service (DoS)
- CVE-2015-1788 - Remote Denial of Service (DoS)
- CVE-2015-1789 - Remote Denial of Service (DoS)
- CVE-2015-1790 - Remote Denial of Service (DoS)
- CVE-2015-1791 - Remote Denial of Service (DoS)
- CVE-2015-1792 - Remote Denial of Service (DoS)
- CVE-2015-1793 - Remote Unauthorized Access
- PSRT110158, SSRT102264
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Please refer to the RESOLUTION below for a list of impacted products.
COMWARE 5 Products
- A6600 (Comware 5) - Version: R3303P23
- HP Network Products
- JC165A HP 6600 RPE-X1 Router Module
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- HSR6602 (Comware 5) - Version: R3303P23
- HP Network Products
- JC176A HP 6602 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- HSR6800 (Comware 5) - Version: R3303P23
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- MSR20 (Comware 5) - Version: R2514P10
- HP Network Products
- JD432A HP A-MSR20-21 Router
- JD662A HP MSR20-20 Router
- JD663A HP A-MSR20-21 Router
- JD663B HP MSR20-21 Router
- JD664A HP MSR20-40 Router
- JF228A HP MSR20-40 Router
- JF283A HP MSR20-20 Router
- MSR20-1X (Comware 5) - Version: R2514P10
- HP Network Products
- JD431A HP MSR20-10 Router
- JD667A HP MSR20-15 IW Multi-Service Router
- JD668A HP MSR20-13 Multi-Service Router
- JD669A HP MSR20-13 W Multi-Service Router
- JD670A HP MSR20-15 A Multi-Service Router
- JD671A HP MSR20-15 AW Multi-Service Router
- JD672A HP MSR20-15 I Multi-Service Router
- JD673A HP MSR20-11 Multi-Service Router
- JD674A HP MSR20-12 Multi-Service Router
- JD675A HP MSR20-12 W Multi-Service Router
- JD676A HP MSR20-12 T1 Multi-Service Router
- JF236A HP MSR20-15-I Router
- JF237A HP MSR20-15-A Router
- JF238A HP MSR20-15-I-W Router
- JF239A HP MSR20-11 Router
- JF240A HP MSR20-13 Router
- JF241A HP MSR20-12 Router
- JF806A HP MSR20-12-T Router
- JF807A HP MSR20-12-W Router
- JF808A HP MSR20-13-W Router
- JF809A HP MSR20-15-A-W Router
- JF817A HP MSR20-15 Router
- JG209A HP MSR20-12-T-W Router (NA)
- JG210A HP MSR20-13-W Router (NA)
- MSR 30 (Comware 5) - Version: R2514P10
- HP Network Products
- JD654A HP MSR30-60 POE Multi-Service Router
- JD657A HP MSR30-40 Multi-Service Router
- JD658A HP MSR30-60 Multi-Service Router
- JD660A HP MSR30-20 POE Multi-Service Router
- JD661A HP MSR30-40 POE Multi-Service Router
- JD666A HP MSR30-20 Multi-Service Router
- JF229A HP MSR30-40 Router
- JF230A HP MSR30-60 Router
- JF232A HP RTMSR3040-AC-OVSAS-H3
- JF235A HP MSR30-20 DC Router
- JF284A HP MSR30-20 Router
- JF287A HP MSR30-40 DC Router
- JF801A HP MSR30-60 DC Router
- JF802A HP MSR30-20 PoE Router
- JF803A HP MSR30-40 PoE Router
- JF804A HP MSR30-60 PoE Router
- JG728A HP MSR30-20 TAA-compliant DC Router
- JG729A HP MSR30-20 TAA-compliant Router
- MSR 30-16 (Comware 5) - Version: R2514P10
- HP Network Products
- JD659A HP MSR30-16 POE Multi-Service Router
- JD665A HP MSR30-16 Multi-Service Router
- JF233A HP MSR30-16 Router
- JF234A HP MSR30-16 PoE Router
- MSR 30-1X (Comware 5) - Version: R2514P10
- HP Network Products
- JF800A HP MSR30-11 Router
- JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr
- JG182A HP MSR30-11E Router
- JG183A HP MSR30-11F Router
- JG184A HP MSR30-10 DC Router
- MSR 50 (Comware 5) - Version: R2514P10
- HP Network Products
- JD433A HP MSR50-40 Router
- JD653A HP MSR50 Processor Module
- JD655A HP MSR50-40 Multi-Service Router
- JD656A HP MSR50-60 Multi-Service Router
- JF231A HP MSR50-60 Router
- JF285A HP MSR50-40 DC Router
- JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply
- MSR 50-G2 (Comware 5) - Version: R2514P10
- HP Network Products
- JD429A HP MSR50 G2 Processor Module
- JD429B HP MSR50 G2 Processor Module
- MSR 9XX (Comware 5) - Version: R2514P10
- HP Network Products
- JF812A HP MSR900 Router
- JF813A HP MSR920 Router
- JF814A HP MSR900-W Router
- JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr
- JG207A HP MSR900-W Router (NA)
- JG208A HP MSR920-W Router (NA)
- MSR 93X (Comware 5) - Version: R2514P10
- HP Network Products
- JG511A HP MSR930 Router
- JG511B HP MSR930 Router
- JG512A HP MSR930 Wireless Router
- JG513A HP MSR930 3G Router
- JG513B HP MSR930 3G Router
- JG514A HP MSR931 Router
- JG514B HP MSR931 Router
- JG515A HP MSR931 3G Router
- JG516A HP MSR933 Router
- JG517A HP MSR933 3G Router
- JG518A HP MSR935 Router
- JG518B HP MSR935 Router
- JG519A HP MSR935 Wireless Router
- JG520A HP MSR935 3G Router
- JG531A HP MSR931 Dual 3G Router
- JG531B HP MSR931 Dual 3G Router
- JG596A HP MSR930 4G LTE/3G CDMA Router
- JG597A HP MSR936 Wireless Router
- JG665A HP MSR930 4G LTE/3G WCDMA Global Router
- JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
- JH009A HP MSR931 Serial (TI) Router
- JH010A HP MSR933 G.SHDSL (TI) Router
- JH011A HP MSR935 ADSL2+ (TI) Router
- JH012A HP MSR930 Wireless 802.11n (NA) Router
- JH012B HP MSR930 Wireless 802.11n (NA) Router
- JH013A HP MSR935 Wireless 802.11n (NA) Router
- MSR1000 (Comware 5) - Version: R2514P10
- HP Network Products
- JG732A HP MSR1003-8 AC Router
- 12500 (Comware 5) - Version: R1829P01
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JC808A HP 12500 TAA Main Processing Unit
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- 9500E (Comware 5) - Version: R1829P01
- HP Network Products
- JC124A HP A9508 Switch Chassis
- JC124B HP 9505 Switch Chassis
- JC125A HP A9512 Switch Chassis
- JC125B HP 9512 Switch Chassis
- JC474A HP A9508-V Switch Chassis
- JC474B HP 9508-V Switch Chassis
- 10500 (Comware 5) - Version: R1210P01
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC614A HP 10500 Main Processing Unit
- JC748A HP 10512 Switch Chassis
- JG375A HP 10500 TAA-compliant Main Processing Unit
- JG820A HP 10504 TAA-compliant Switch Chassis
- JG821A HP 10508 TAA-compliant Switch Chassis
- JG822A HP 10508-V TAA-compliant Switch Chassis
- JG823A HP 10512 TAA-compliant Switch Chassis
- 7500 (Comware 5) - Version: R6710P01
- HP Network Products
- JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port Gig-T/4-port GbE Combo
- JC697A HP 7502 TAA-compliant Main Processing Unit
- JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8 GbE Combo Ports
- JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP Ports
- JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit
- JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit
- JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD194A HP 7500 384Gbps Fabric Module
- JD194B HP 7500 384Gbps Fabric Module
- JD195A HP 7500 384Gbps Advanced Fabric Module
- JD196A HP 7502 Fabric Module
- JD220A HP 7500 768Gbps Fabric Module
- JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports
- JD238A HP 7510 Switch Chassis
- JD238B HP 7510 Switch Chassis
- JD239A HP 7506 Switch Chassis
- JD239B HP 7506 Switch Chassis
- JD240A HP 7503 Switch Chassis
- JD240B HP 7503 Switch Chassis
- JD241A HP 7506-V Switch Chassis
- JD241B HP 7506-V Switch Chassis
- JD242A HP 7502 Switch Chassis
- JD242B HP 7502 Switch Chassis
- JD243A HP 7503-S Switch Chassis with 1 Fabric Slot
- JD243B HP 7503-S Switch Chassis with 1 Fabric Slot
- JE164A HP E7902 Switch Chassis
- JE165A HP E7903 Switch Chassis
- JE166A HP E7903 1 Fabric Slot Switch Chassis
- JE167A HP E7906 Switch Chassis
- JE168A HP E7906 Vertical Switch Chassis
- JE169A HP E7910 Switch Chassis
- 5830 (Comware 5) - Version: R1118P13
- HP Network Products
- JC691A HP 5830AF-48G Switch with 1 Interface Slot
- JC694A HP 5830AF-96G Switch
- JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot
- JG374A HP 5830AF-96G TAA-compliant Switch
- 5800 (Comware 5) - Version: R1809P11
- HP Network Products
- JC099A HP 5800-24G-PoE Switch
- JC099B HP 5800-24G-PoE+ Switch
- JC100A HP 5800-24G Switch
- JC100B HP 5800-24G Switch
- JC101A HP 5800-48G Switch with 2 Slots
- JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots
- JC103A HP 5800-24G-SFP Switch
- JC103B HP 5800-24G-SFP Switch with 1 Interface Slot
- JC104A HP 5800-48G-PoE Switch
- JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot
- JC105A HP 5800-48G Switch
- JC105B HP 5800-48G Switch with 1 Interface Slot
- JG254A HP 5800-24G-PoE+ TAA-compliant Switch
- JG254B HP 5800-24G-PoE+ TAA-compliant Switch
- JG255A HP 5800-24G TAA-compliant Switch
- JG255B HP 5800-24G TAA-compliant Switch
- JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG225A HP 5800AF-48G Switch
- JG225B HP 5800AF-48G Switch
- JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots
- JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface
- JG243A HP 5820-24XG-SFP+ TAA-compliant Switch
- JG243B HP 5820-24XG-SFP+ TAA-compliant Switch
- JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots & 1 OAA Slot
- JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots and 1 OAA Slot
- JC106A HP 5820-14XG-SFP+ Switch with 2 Slots
- JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots & 1 OAA Slot
- JG219A HP 5820AF-24XG Switch
- JG219B HP 5820AF-24XG Switch
- JC102A HP 5820-24XG-SFP+ Switch
- JC102B HP 5820-24XG-SFP+ Switch
- 5500 HI (Comware 5) - Version: R5501P17
- HP Network Products
- JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots
- JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots
- JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots
- JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots
- 5500 EI (Comware 5) - Version: R2221P19
- HP Network Products
- JD373A HP 5500-24G DC EI Switch
- JD374A HP 5500-24G-SFP EI Switch
- JD375A HP 5500-48G EI Switch
- JD376A HP 5500-48G-PoE EI Switch
- JD377A HP 5500-24G EI Switch
- JD378A HP 5500-24G-PoE EI Switch
- JD379A HP 5500-24G-SFP DC EI Switch
- JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots
- JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots
- JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface
- JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots
- JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots
- JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- 4800G (Comware 5) - Version: R2221P19
- HP Network Products
- JD007A HP 4800-24G Switch
- JD008A HP 4800-24G-PoE Switch
- JD009A HP 4800-24G-SFP Switch
- JD010A HP 4800-48G Switch
- JD011A HP 4800-48G-PoE Switch
- 5500SI (Comware 5) - Version: R2221P20
- HP Network Products
- JD369A HP 5500-24G SI Switch
- JD370A HP 5500-48G SI Switch
- JD371A HP 5500-24G-PoE SI Switch
- JD372A HP 5500-48G-PoE SI Switch
- JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots
- JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots
- 4500G (Comware 5) - Version: R2221P20
- HP Network Products
- JF428A HP 4510-48G Switch
- JF847A HP 4510-24G Switch
- 5120 EI (Comware 5) - Version: R2221P20
- HP Network Products
- JE066A HP 5120-24G EI Switch
- JE067A HP 5120-48G EI Switch
- JE068A HP 5120-24G EI Switch with 2 Interface Slots
- JE069A HP 5120-48G EI Switch with 2 Interface Slots
- JE070A HP 5120-24G-PoE EI 2-slot Switch
- JE071A HP 5120-48G-PoE EI 2-slot Switch
- JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots
- JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots
- JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots
- JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots
- JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots
- JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots
- 4210G (Comware 5) - Version: R2221P20
- HP Network Products
- JF844A HP 4210-24G Switch
- JF845A HP 4210-48G Switch
- JF846A HP 4210-24G-PoE Switch
- 5120 SI (Comware 5) - Version: R1516
- HP Network Products
- JE072A HP 5120-48G SI Switch
- JE072B HPE 5120 48G SI Switch
- JE073A HP 5120-16G SI Switch
- JE073B HPE 5120 16G SI Switch
- JE074A HP 5120-24G SI Switch
- JE074B HPE 5120 24G SI Switch
- JG091A HP 5120-24G-PoE+ (370W) SI Switch
- JG091B HPE 5120 24G PoE+ (370W) SI Switch
- JG092A HP 5120-24G-PoE+ (170W) SI Switch
- JG309B HPE 5120 8G PoE+ (180W) SI Switch
- JG310B HPE 5120 8G PoE+ (65W) SI Switch
- 3610 (Comware 5) - Version: R5319P14
- HP Network Products
- JD335A HP 3610-48 Switch
- JD336A HP 3610-24-4G-SFP Switch
- JD337A HP 3610-24-2G-2G-SFP Switch
- JD338A HP 3610-24-SFP Switch
- 3600V2 (Comware 5) - Version: R2110P06
- HP Network Products
- JG299A HP 3600-24 v2 EI Switch
- JG299B HP 3600-24 v2 EI Switch
- JG300A HP 3600-48 v2 EI Switch
- JG300B HP 3600-48 v2 EI Switch
- JG301A HP 3600-24-PoE+ v2 EI Switch
- JG301B HP 3600-24-PoE+ v2 EI Switch
- JG301C HP 3600-24-PoE+ v2 EI Switch
- JG302A HP 3600-48-PoE+ v2 EI Switch
- JG302B HP 3600-48-PoE+ v2 EI Switch
- JG302C HP 3600-48-PoE+ v2 EI Switch
- JG303A HP 3600-24-SFP v2 EI Switch
- JG303B HP 3600-24-SFP v2 EI Switch
- JG304A HP 3600-24 v2 SI Switch
- JG304B HP 3600-24 v2 SI Switch
- JG305A HP 3600-48 v2 SI Switch
- JG305B HP 3600-48 v2 SI Switch
- JG306A HP 3600-24-PoE+ v2 SI Switch
- JG306B HP 3600-24-PoE+ v2 SI Switch
- JG306C HP 3600-24-PoE+ v2 SI Switch
- JG307A HP 3600-48-PoE+ v2 SI Switch
- JG307B HP 3600-48-PoE+ v2 SI Switch
- JG307C HP 3600-48-PoE+ v2 SI Switch
- 3100V2-48 (Comware 5) - Version: R2110P06
- HP Network Products
- JG315A HP 3100-48 v2 Switch
- JG315B HP 3100-48 v2 Switch
- HP870 (Comware 5) - Version: R2607P46
- HP Network Products
- JG723A HP 870 Unified Wired-WLAN Appliance
- JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance
- HP850 (Comware 5) - Version: R2607P46
- HP Network Products
- JG722A HP 850 Unified Wired-WLAN Appliance
- JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance
- HP830 (Comware 5) - Version: R3507P46
- HP Network Products
- JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch
- JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch
- JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch
- JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant
- HP6000 (Comware 5) - Version: R2507P46
- HP Network Products
- JG639A HP 10500/7500 20G Unified Wired-WLAN Module
- JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module
- WX5004-EI (Comware 5) - Version: R2507P46
- HP Network Products
- JD447B HP WX5002 Access Controller
- JD448A HP WX5004 Access Controller
- JD448B HP WX5004 Access Controller
- JD469A HP WX5004 Access Controller
- SecBlade FW (Comware 5) - Version: R3181P07
- HP Network Products
- JC635A HP 12500 VPN Firewall Module
- JD245A HP 9500 VPN Firewall Module
- JD249A HP 10500/7500 Advanced VPN Firewall Module
- JD250A HP 6600 Firewall Processing Router Module
- JD251A HP 8800 Firewall Processing Module
- JD255A HP 5820 VPN Firewall Module
- F1000-E (Comware 5) - Version: R3181P07
- HP Network Products
- JD272A HP F1000-E VPN Firewall Appliance
- F1000-A-EI (Comware 5) - Version: R3734P08
- HP Network Products
- JG214A HP F1000-A-EI VPN Firewall Appliance
- F1000-S-EI (Comware 5) - Version: R3734P08
- HP Network Products
- JG213A HP F1000-S-EI VPN Firewall Appliance
- F5000-A (Comware 5) - Version: F3210P26
- HP Network Products
- JD259A HP A5000-A5 VPN Firewall Chassis
- JG215A HP F5000 Firewall Main Processing Unit
- JG216A HP F5000 Firewall Standalone Chassis
- U200S and CS (Comware 5) - Version: F5123P33
- HP Network Products
- JD273A HP U200-S UTM Appliance
- U200A and M (Comware 5) - Version: F5123P33
- HP Network Products
- JD275A HP U200-A UTM Appliance
- F5000-C/S (Comware 5) - Version: R3811P05
- HP Network Products
- JG650A HP F5000-C VPN Firewall Appliance
- JG370A HP F5000-S VPN Firewall Appliance
- SecBlade III (Comware 5) - Version: R3820P06
- HP Network Products
- JG371A HP 12500 20Gbps VPN Firewall Module
- JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module
- 6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- 6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC165A) HP 6600 RPE-X1 Router Module
- JG781A) HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- 6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC176A) HP 6602 Router Chassis
- HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- SMB1910 (Comware 5) - Version: R1111
- HP Network Products
- JG540A HP 1910-48 Switch
- JG539A HP 1910-24-PoE+ Switch
- JG538A HP 1910-24 Switch
- JG537A HP 1910-8 -PoE+ Switch
- JG536A HP 1910-8 Switch
- SMB1920 (Comware 5) - Version: R1109
- HP Network Products
- JG928A HP 1920-48G-PoE+ (370W) Switch
- JG927A HP 1920-48G Switch
- JG926A HP 1920-24G-PoE+ (370W) Switch
- JG925A HP 1920-24G-PoE+ (180W) Switch
- JG924A HP 1920-24G Switch
- JG923A HP 1920-16G Switch
- JG922A HP 1920-8G-PoE+ (180W) Switch
- JG921A HP 1920-8G-PoE+ (65W) Switch
- JG920A HP 1920-8G Switch
- V1910 (Comware 5) - Version: R1516
- HP Network Products
- JE005A HP 1910-16G Switch
- JE006A HP 1910-24G Switch
- JE007A HP 1910-24G-PoE (365W) Switch
- JE008A HP 1910-24G-PoE(170W) Switch
- JE009A HP 1910-48G Switch
- JG348A HP 1910-8G Switch
- JG349A HP 1910-8G-PoE+ (65W) Switch
- JG350A HP 1910-8G-PoE+ (180W) Switch
- SMB 1620 (Comware 5) - Version: R1108
- HP Network Products
- JG914A HP 1620-48G Switch
- JG913A HP 1620-24G Switch
- JG912A HP 1620-8G Switch
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7376
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- 10500 (Comware 7) - Version: R7170
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- 12900 (Comware 7) - Version: R1138P01
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- 5900 (Comware 7) - Version: R2422P01
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- MSR1000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- MSR2000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- MSR3000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- MSR4000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- VSR (Comware 7) - Version: E0321P01
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- 7900 (Comware 7) - Version: R2138P01
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- 5130 (Comware 7) - Version: R3109P16
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- 5700 (Comware 7) - Version: R2422P01
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- 5930 (Comware 7) - Version: R2422P01
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- HSR6600 (Comware 7) - Version: R7103P05
- HP Network Products
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- HSR6800 (Comware 7) - Version: R7103P05
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing
- JH075A HP HSR6800 RSE-X3 Router Main Processing Unit
- 1950 (Comware 7) - Version: R3109P16
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- 7500 (Comware 7) - Version: R7170
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
iMC Products
- iMC Plat - Version: iMC Plat 7.1 E0303P16
- HP Network Products
- JD125A HP IMC Std S/W Platform w/100-node
- JD126A HP IMC Ent S/W Platform w/100-node
- JD808A HP IMC Ent Platform w/100-node License
- JD814A HP A-IMC Enterprise Edition Software DVD Media
- JD815A HP IMC Std Platform w/100-node License
- JD816A HP A-IMC Standard Edition Software DVD Media
- JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU
- JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU
- JF377A HP IMC Std S/W Platform w/100-node Lic
- JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU
- JF378A HP IMC Ent S/W Platform w/200-node Lic
- JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU
- JG546AAE HP IMC Basic SW Platform w/50-node E-LTU
- JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU
- JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU
- JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU
- JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU
- JG659AAE HP IMC Smart Connect VAE E-LTU
- JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU
- JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU
- JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU
- JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU
- JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU
- JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU
- iMC iNode - Version: iNode PC 7.1 E0313, or, iNode PC 7.2 (E0401)
- HP Network Products
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
- iMC TAM_UAM - Version: iMC UAM_TAM 7.1 (E0307)
- HP Network Products
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
- iMC NSM - Version: iMC WSM 7.1 E0303P10
- HP Network Products
- JD456A HP IMC WSM Software Module with 50-Access Point License
- JF414A HP IMC Wireless Service Manager Software Module with 50-Access Point License
- JF414AAE HP IMC Wireless Service Manager Software Module with 50-Access Point E-LTU
- JG551AAE HP PCM+ Mobility Manager to IMC Wireless Service Manager Module Upgrade with 250 Access Point E-LTU
- JG758AAE HP IMC WSM/RTLS w/ 50-node E-LTU
- JG769AAE HP PCM Mobility Manager to IMC Wireless Service Manager Upg with 250-node E-LTU
VCX Products
- VCX - Version: 9.8.18
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
HISTORY Version:1 (rev.1) - 5 July 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1n-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zg-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zg-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zg-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1n-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1n-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1n-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1n-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1n-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1n-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1n-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1n-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 383ecfed6bfef1440a44d7082745848a openssl-0.9.8zg-i486-1_slack13.0.txz fb186187ffa200e22d9450a9d0e321f6 openssl-solibs-0.9.8zg-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: eb52318ed52fef726402f0b2a74745c5 openssl-0.9.8zg-x86_64-1_slack13.0.txz 9447927b960a01b21149e28a9783021f openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 37f46f6b4fe2acbe217eaf7c0b33b704 openssl-0.9.8zg-i486-1_slack13.1.txz 986de2e71676f61d788a59a1e0c8de1f openssl-solibs-0.9.8zg-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: 6b160ce817dcde3ae5b3a861b284387b openssl-0.9.8zg-x86_64-1_slack13.1.txz 503d891680c711162386ea7e3daadca8 openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 5e7501b1d73d01d3d87704c3cfd3a888 openssl-0.9.8zg-i486-1_slack13.37.txz 874f0b59870dd3f259640c9930a02f99 openssl-solibs-0.9.8zg-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: b6d91614458040d461dff3c3eab45206 openssl-0.9.8zg-x86_64-1_slack13.37.txz be106df5e59c2be7fa442df8ba85ad0b openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz
Slackware 14.0 packages: ee7c3937e6a6d7ac7537f751af7da7b9 openssl-1.0.1n-i486-1_slack14.0.txz 758662437d33f99ec0a686cedeb1919e openssl-solibs-1.0.1n-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 2dfdc4729e93cf460018e9e30a6223dc openssl-1.0.1n-x86_64-1_slack14.0.txz 9cb4b34e97e60f6bfe4c843aabeae954 openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 5a9bf08d55615cfc097109c2e3786f7b openssl-1.0.1n-i486-1_slack14.1.txz fb1c05468e5c38d51a8ff6ac435e3a20 openssl-solibs-1.0.1n-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: 1ef5cede3f954c3e4741012ffa76b750 openssl-1.0.1n-x86_64-1_slack14.1.txz ea22c288c60ae1d7ea8c5b3a1608462b openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz
Slackware -current packages: 56db8712d653c060f910e8915a8f8656 a/openssl-solibs-1.0.1n-i586-1.txz 6d6264c9943e27240db5c8f5ec342e27 n/openssl-1.0.1n-i586-1.txz
Slackware x86_64 -current packages: e73f7aff5aa0ad14bc06428544f99ae2 a/openssl-solibs-1.0.1n-x86_64-1.txz 91b550b9eb0ac0c580e158375a93c0e4 n/openssl-1.0.1n-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1n-i486-1_slack14.1.txz openssl-solibs-1.0.1n-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. OpenSSL Security Advisory [11 Jun 2015] =======================================
DHE man-in-the-middle protection (Logjam)
A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000).
OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit will be increased to 1024 bits in a future release.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n
Fixes for this issue were developed by Emilia Käsper and Kurt Roeckx of the OpenSSL development team.
Malformed ECParameters causes infinite loop (CVE-2015-1788)
Severity: Moderate
When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field.
This can be used to perform denial of service against any system which processes public keys, certificate requests or certificates. This includes TLS clients and TLS servers with client authentication enabled.
This issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent 1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The fix was developed by Andy Polyakov of the OpenSSL development team.
Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
Severity: Moderate
X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string.
An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki (Google), and independently on 11th April 2015 by Hanno Böck. The fix was developed by Emilia Käsper of the OpenSSL development team.
PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
Severity: Moderate
The PKCS#7 parsing code does not handle missing inner EncryptedContent correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing.
Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers are not affected.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 18th April 2015 by Michal Zalewski (Google). The fix was developed by Emilia Käsper of the OpenSSL development team.
CMS verify infinite loop with unknown hash function (CVE-2015-1792)
Severity: Moderate
When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID.
This can be used to perform denial of service against any system which verifies signedData messages using the CMS code.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was discovered by Emilia Käsper of the OpenSSL development team. The fix was developed by Matt Caswell of the OpenSSL development team.
Invalid free in DTLS (CVE-2014-8176)
Severity: Moderate
This vulnerability does not affect current versions of OpenSSL. It existed in previous OpenSSL versions and was fixed in June 2014.
If a DTLS peer receives application data between the ChangeCipherSpec and Finished messages, buffering of such data may cause an invalid free, resulting in a segmentation fault or potentially, memory corruption.
This issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
This issue was originally reported on March 28th 2014 in https://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert (Google). A fix was developed by zhu qun-ying.
The fix for this issue can be identified by commits bcc31166 (1.0.1), b79e6e3a (1.0.0) and 4b258e73 (0.9.8).
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150611.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0496",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "15.1"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.3"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0r"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zf"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "hs series all versions"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.2"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.01"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator probe option ver3.1.0.x to ver4.1.0.x"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.02"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx sip application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1 to v8.1"
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c cmm"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.63"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "6.1"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v4.2 to v6.5"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator agent ver3.3 to ver4.1"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.71"
},
{
"model": "communications applications",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle enterprise session border controller ecz7.3m1p4 and earlier"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.2"
},
{
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.54"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver6.0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c ucm"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v7.1"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v7.1 to v8.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "systemmanager ver5.5.2 to ver6.2.1"
},
{
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.53"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v4.1 to v6.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.2"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "jobcenter r14.1"
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7500/nv5500/nv3500 series"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.4 to v9.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v4.1 to v6.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0s"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.0"
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7400/nv5400/nv3400 series"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator manager ver3.2.2 to ver4.1"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v4.2 to v6.5"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "mcoperations ver3.6.2 to ver4.2"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "8.0"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.1"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "system management homepage",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v7.1 to v8.1"
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.1"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle exalogic infrastructure eecs 2.0.6.2.3"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "uddi registry v1.1 to v7.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0 manager component"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.14"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.211"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.0.0"
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "junos 12.1x47-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "insight orchestration",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos 14.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.13"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.6"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.12"
},
{
"model": "version control agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "open source siem",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"model": "junos 13.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"model": "communications session border controller scz7.4.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.1"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.4"
},
{
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "storwize unified",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.2"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.2"
},
{
"model": "ascenlink",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "7.2.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"model": "insight control server provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sterling integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"model": "workflow for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "imc products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4"
},
{
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.4"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"model": "enterprise linux server eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "junos 14.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.11"
},
{
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.8"
},
{
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.15"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "qradar incident forensics mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "qradar siem patch ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.44"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.10.38"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.00"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "junos 12.3x48-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "infosphere master data management patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.33"
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1n",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "screenos 6.3.0r21",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "communications session border controller scz7.3.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.10"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "junos 15.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.03"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "junos 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "junos 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.12"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "project openssl 1.0.2b",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.9"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.30"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "junos 13.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.2"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.0"
},
{
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "security proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura conferencing sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.08"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"model": "security network controller 1.0.3387m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "junos 12.1x44-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "junos 15.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "50"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"model": "exalogic infrastructure eecs",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.6.2.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.213"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.07"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.14"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1.1"
},
{
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.50"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "hp-ux b.11.11.16.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.5"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.5"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "screenos 6.3.0r22",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "qradar siem mr2 patch ifi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.110"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.07"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "smartcloud entry fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.413"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.34"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.38"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.3"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.3"
},
{
"model": "hp-ux b.11.11.13.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"model": "junos 14.1r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.16"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.10"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"model": "project openssl 0.9.8ze",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.63"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.12"
},
{
"model": "project openssl 1.0.0o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.7"
},
{
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.1"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "hp-ux b.11.23.1.007",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "forticlient windows/mac",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "flashsystem 9848-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "flashsystem 9840-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.34"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "screenos 6.3.0r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.6"
},
{
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security identity governance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.2.0"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.411"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.12.4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.5"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.18"
},
{
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.12"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.4.0.4.0"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.6"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.45"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 14.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.3"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "fortivoice enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.6"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "flashsystem 9846-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.7"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"model": "hp-ux b.11.11.02.008",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.0"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "junos 12.1x46-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "netinsight",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.14"
},
{
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.5"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.35"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.5"
},
{
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.01"
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "junos 14.2r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 0.9.8zg",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.6"
},
{
"model": "junos 13.2x51-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "powerkvm build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.157"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.26"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "virtual connect enterprise manager sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "qradar siem mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.12"
},
{
"model": "project openssl 1.0.0s",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "vcx products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"model": "qradar incident forensics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.02"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "junos 12.1x47-d45",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.10"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "qradar siem mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.37"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "flashsystem 9843-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "junos 12.1x44-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2.2"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"model": "hp-ux b.11.11.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "screenos 6.3.0r13",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.01"
},
{
"model": "fortiddos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.1.5"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "secure backup",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.13"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.03"
},
{
"model": "forticlient ios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "project openssl 0.9.8zf",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.41"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "forticlient android",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.19"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "sonas",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.41"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "hp-ux b.11.23.07.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"model": "qradar incident forensics mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"model": "aura conferencing sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.5"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"model": "operations agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "11.15"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.6"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "websphere mq for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.02"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"model": "project openssl 1.0.0p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "junos 12.1x46-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.3"
},
{
"model": "junos 12.3r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.09"
},
{
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.1"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.18"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "screenos 6.3.0r20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"model": "junos 13.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"model": "project openssl 0.9.8zc",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.3"
},
{
"model": "infosphere guardium for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"model": "project openssl 1.0.0r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"model": "junos 15.1x49-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "forticache",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "server migration pack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.41"
},
{
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "project openssl 0.9.8zd",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.2"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "junos 14.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "workload deployer if9",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.12"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.010"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.10"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "flashsystem 9848-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.13"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.2"
},
{
"model": "server migration pack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.62"
},
{
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.33"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.12"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35001.1"
},
{
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.212"
},
{
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.43"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.0"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"model": "flashsystem 9846-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "fsso build",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "235"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "hp-ux b.11.11.14.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "fortiadc",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2"
},
{
"model": "junos 12.3x48-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.3"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.21"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3.1"
},
{
"model": "operations agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "12.01"
},
{
"model": "unified security management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"model": "matrix operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"model": "hp-ux b.11.11.15.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.05"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "qradar incident forensics patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.2"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.12"
},
{
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "junos 15.1x49-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.1"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.6"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.3"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "project openssl 1.0.0q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.214"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.19"
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "75161"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-247"
},
{
"db": "NVD",
"id": "CVE-2015-1791"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.9.8zf",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1791"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "137201"
}
],
"trust": 0.5
},
"cve": "CVE-2015-1791",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-1791",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-1791",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-247",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-1791",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1791"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-247"
},
{
"db": "NVD",
"id": "CVE-2015-1791"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier. OpenSSL is prone to a race-condition security vulnerability. \nThe impact of this issue is currently unknown. We will update this BID when more information emerges. \nThe following are vulnerable:\nOpenSSL 1.0.2 prior to 1.0.2b\nOpenSSL 1.0.1 prior to 1.0.1n\nOpenSSL 1.0.0 prior to 1.0.0s\nOpenSSL 0.9.8 prior to 0.9.8zg. \nThe following firmware versions of Virtual Connect (VC) are impacted:\n\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21\n\nNote: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800,\nCVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and\nCVE-2016-2842. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04760669\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04760669\nVersion: 1\n\nHPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-08-05\nLast Updated: 2015-08-05\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running\nOpenSSL with SSL/TLS enabled. \n\nThis is the TLS vulnerability using US export-grade 512-bit keys in\nDiffie-Hellman key exchange known as Logjam which could be exploited remotely\nresulting in disclosure of information. \n\nReferences:\n\nCVE-2015-4000: DHE man-in-the-middle protection (Logjam). \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-4000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1793 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided an updated version of OpenSSL to resolve this vulnerability. \n\nA new B.11.31 depot for OpenSSL_A.01.00.01p is available here:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=OPENSSL11I\n\nMANUAL ACTIONS: Yes - Update\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.31\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.01.00.01p or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 5 August 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niEYEARECAAYFAlXCSD4ACgkQ4B86/C0qfVlKnQCg5XcK1amrTACEyDY3QtJF75u2\nL90AnAgGXxSCZgBVzDQCAezbHbrHPwtg\n=74KM\n-----END PGP SIGNATURE-----\n. \n\nBackground\n==========\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer\nand Transport Layer Security as well as a general purpose cryptography\nlibrary. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.1o \u003e= 0.9.8z_p7\n \u003e= 1.0.1o\n\nDescription\n===========\n\nMultiple vulnerabilities have been found in OpenSSL. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 1.0.1 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1o\"\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8z_p7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-8176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8176\n[ 2 ] CVE-2015-1788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1788\n[ 3 ] CVE-2015-1789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1789\n[ 4 ] CVE-2015-1790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1790\n[ 5 ] CVE-2015-1791\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1791\n[ 6 ] CVE-2015-1792\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1792\n[ 7 ] CVE-2015-4000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4000\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201506-02\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. \n\nReferences:\n\n - CVE-2014-8176 - Remote Denial of Service (DoS)\n - CVE-2015-1788 - Remote Denial of Service (DoS)\n - CVE-2015-1789 - Remote Denial of Service (DoS)\n - CVE-2015-1790 - Remote Denial of Service (DoS)\n - CVE-2015-1791 - Remote Denial of Service (DoS)\n - CVE-2015-1792 - Remote Denial of Service (DoS)\n - CVE-2015-1793 - Remote Unauthorized Access\n - PSRT110158, SSRT102264\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nPlease refer to the RESOLUTION\n below for a list of impacted products. \n\n**COMWARE 5 Products**\n\n + **A6600 (Comware 5) - Version: R3303P23**\n * HP Network Products\n - JC165A HP 6600 RPE-X1 Router Module\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n - JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n + **HSR6602 (Comware 5) - Version: R3303P23**\n * HP Network Products\n - JC176A HP 6602 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n + **HSR6800 (Comware 5) - Version: R3303P23**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n + **MSR20 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD432A HP A-MSR20-21 Router\n - JD662A HP MSR20-20 Router\n - JD663A HP A-MSR20-21 Router\n - JD663B HP MSR20-21 Router\n - JD664A HP MSR20-40 Router\n - JF228A HP MSR20-40 Router\n - JF283A HP MSR20-20 Router\n + **MSR20-1X (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD431A HP MSR20-10 Router\n - JD667A HP MSR20-15 IW Multi-Service Router\n - JD668A HP MSR20-13 Multi-Service Router\n - JD669A HP MSR20-13 W Multi-Service Router\n - JD670A HP MSR20-15 A Multi-Service Router\n - JD671A HP MSR20-15 AW Multi-Service Router\n - JD672A HP MSR20-15 I Multi-Service Router\n - JD673A HP MSR20-11 Multi-Service Router\n - JD674A HP MSR20-12 Multi-Service Router\n - JD675A HP MSR20-12 W Multi-Service Router\n - JD676A HP MSR20-12 T1 Multi-Service Router\n - JF236A HP MSR20-15-I Router\n - JF237A HP MSR20-15-A Router\n - JF238A HP MSR20-15-I-W Router\n - JF239A HP MSR20-11 Router\n - JF240A HP MSR20-13 Router\n - JF241A HP MSR20-12 Router\n - JF806A HP MSR20-12-T Router\n - JF807A HP MSR20-12-W Router\n - JF808A HP MSR20-13-W Router\n - JF809A HP MSR20-15-A-W Router\n - JF817A HP MSR20-15 Router\n - JG209A HP MSR20-12-T-W Router (NA)\n - JG210A HP MSR20-13-W Router (NA)\n + **MSR 30 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD654A HP MSR30-60 POE Multi-Service Router\n - JD657A HP MSR30-40 Multi-Service Router\n - JD658A HP MSR30-60 Multi-Service Router\n - JD660A HP MSR30-20 POE Multi-Service Router\n - JD661A HP MSR30-40 POE Multi-Service Router\n - JD666A HP MSR30-20 Multi-Service Router\n - JF229A HP MSR30-40 Router\n - JF230A HP MSR30-60 Router\n - JF232A HP RTMSR3040-AC-OVSAS-H3\n - JF235A HP MSR30-20 DC Router\n - JF284A HP MSR30-20 Router\n - JF287A HP MSR30-40 DC Router\n - JF801A HP MSR30-60 DC Router\n - JF802A HP MSR30-20 PoE Router\n - JF803A HP MSR30-40 PoE Router\n - JF804A HP MSR30-60 PoE Router\n - JG728A HP MSR30-20 TAA-compliant DC Router\n - JG729A HP MSR30-20 TAA-compliant Router\n + **MSR 30-16 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD659A HP MSR30-16 POE Multi-Service Router\n - JD665A HP MSR30-16 Multi-Service Router\n - JF233A HP MSR30-16 Router\n - JF234A HP MSR30-16 PoE Router\n + **MSR 30-1X (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JF800A HP MSR30-11 Router\n - JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\n - JG182A HP MSR30-11E Router\n - JG183A HP MSR30-11F Router\n - JG184A HP MSR30-10 DC Router\n + **MSR 50 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD433A HP MSR50-40 Router\n - JD653A HP MSR50 Processor Module\n - JD655A HP MSR50-40 Multi-Service Router\n - JD656A HP MSR50-60 Multi-Service Router\n - JF231A HP MSR50-60 Router\n - JF285A HP MSR50-40 DC Router\n - JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n + **MSR 50-G2 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD429A HP MSR50 G2 Processor Module\n - JD429B HP MSR50 G2 Processor Module\n + **MSR 9XX (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JF812A HP MSR900 Router\n - JF813A HP MSR920 Router\n - JF814A HP MSR900-W Router\n - JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr\n - JG207A HP MSR900-W Router (NA)\n - JG208A HP MSR920-W Router (NA)\n + **MSR 93X (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JG511A HP MSR930 Router\n - JG511B HP MSR930 Router\n - JG512A HP MSR930 Wireless Router\n - JG513A HP MSR930 3G Router\n - JG513B HP MSR930 3G Router\n - JG514A HP MSR931 Router\n - JG514B HP MSR931 Router\n - JG515A HP MSR931 3G Router\n - JG516A HP MSR933 Router\n - JG517A HP MSR933 3G Router\n - JG518A HP MSR935 Router\n - JG518B HP MSR935 Router\n - JG519A HP MSR935 Wireless Router\n - JG520A HP MSR935 3G Router\n - JG531A HP MSR931 Dual 3G Router\n - JG531B HP MSR931 Dual 3G Router\n - JG596A HP MSR930 4G LTE/3G CDMA Router\n - JG597A HP MSR936 Wireless Router\n - JG665A HP MSR930 4G LTE/3G WCDMA Global Router\n - JG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n - JH009A HP MSR931 Serial (TI) Router\n - JH010A HP MSR933 G.SHDSL (TI) Router\n - JH011A HP MSR935 ADSL2+ (TI) Router\n - JH012A HP MSR930 Wireless 802.11n (NA) Router\n - JH012B HP MSR930 Wireless 802.11n (NA) Router\n - JH013A HP MSR935 Wireless 802.11n (NA) Router\n + **MSR1000 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JG732A HP MSR1003-8 AC Router\n + **12500 (Comware 5) - Version: R1829P01**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JC808A HP 12500 TAA Main Processing Unit\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n + **9500E (Comware 5) - Version: R1829P01**\n * HP Network Products\n - JC124A HP A9508 Switch Chassis\n - JC124B HP 9505 Switch Chassis\n - JC125A HP A9512 Switch Chassis\n - JC125B HP 9512 Switch Chassis\n - JC474A HP A9508-V Switch Chassis\n - JC474B HP 9508-V Switch Chassis\n + **10500 (Comware 5) - Version: R1210P01**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC614A HP 10500 Main Processing Unit\n - JC748A HP 10512 Switch Chassis\n - JG375A HP 10500 TAA-compliant Main Processing Unit\n - JG820A HP 10504 TAA-compliant Switch Chassis\n - JG821A HP 10508 TAA-compliant Switch Chassis\n - JG822A HP 10508-V TAA-compliant Switch Chassis\n - JG823A HP 10512 TAA-compliant Switch Chassis\n + **7500 (Comware 5) - Version: R6710P01**\n * HP Network Products\n - JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port\nGig-T/4-port GbE Combo\n - JC697A HP 7502 TAA-compliant Main Processing Unit\n - JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8\nGbE Combo Ports\n - JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP\nPorts\n - JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit\n - JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit\n - JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD194A HP 7500 384Gbps Fabric Module\n - JD194B HP 7500 384Gbps Fabric Module\n - JD195A HP 7500 384Gbps Advanced Fabric Module\n - JD196A HP 7502 Fabric Module\n - JD220A HP 7500 768Gbps Fabric Module\n - JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports\n - JD238A HP 7510 Switch Chassis\n - JD238B HP 7510 Switch Chassis\n - JD239A HP 7506 Switch Chassis\n - JD239B HP 7506 Switch Chassis\n - JD240A HP 7503 Switch Chassis\n - JD240B HP 7503 Switch Chassis\n - JD241A HP 7506-V Switch Chassis\n - JD241B HP 7506-V Switch Chassis\n - JD242A HP 7502 Switch Chassis\n - JD242B HP 7502 Switch Chassis\n - JD243A HP 7503-S Switch Chassis with 1 Fabric Slot\n - JD243B HP 7503-S Switch Chassis with 1 Fabric Slot\n - JE164A HP E7902 Switch Chassis\n - JE165A HP E7903 Switch Chassis\n - JE166A HP E7903 1 Fabric Slot Switch Chassis\n - JE167A HP E7906 Switch Chassis\n - JE168A HP E7906 Vertical Switch Chassis\n - JE169A HP E7910 Switch Chassis\n + **5830 (Comware 5) - Version: R1118P13**\n * HP Network Products\n - JC691A HP 5830AF-48G Switch with 1 Interface Slot\n - JC694A HP 5830AF-96G Switch\n - JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot\n - JG374A HP 5830AF-96G TAA-compliant Switch\n + **5800 (Comware 5) - Version: R1809P11**\n * HP Network Products\n - JC099A HP 5800-24G-PoE Switch\n - JC099B HP 5800-24G-PoE+ Switch\n - JC100A HP 5800-24G Switch\n - JC100B HP 5800-24G Switch\n - JC101A HP 5800-48G Switch with 2 Slots\n - JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots\n - JC103A HP 5800-24G-SFP Switch\n - JC103B HP 5800-24G-SFP Switch with 1 Interface Slot\n - JC104A HP 5800-48G-PoE Switch\n - JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot\n - JC105A HP 5800-48G Switch\n - JC105B HP 5800-48G Switch with 1 Interface Slot\n - JG254A HP 5800-24G-PoE+ TAA-compliant Switch\n - JG254B HP 5800-24G-PoE+ TAA-compliant Switch\n - JG255A HP 5800-24G TAA-compliant Switch\n - JG255B HP 5800-24G TAA-compliant Switch\n - JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG225A HP 5800AF-48G Switch\n - JG225B HP 5800AF-48G Switch\n - JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots\n - JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface\n - JG243A HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG243B HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\n\u0026 1 OAA Slot\n - JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\nand 1 OAA Slot\n - JC106A HP 5820-14XG-SFP+ Switch with 2 Slots\n - JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots \u0026 1 OAA Slot\n - JG219A HP 5820AF-24XG Switch\n - JG219B HP 5820AF-24XG Switch\n - JC102A HP 5820-24XG-SFP+ Switch\n - JC102B HP 5820-24XG-SFP+ Switch\n + **5500 HI (Comware 5) - Version: R5501P17**\n * HP Network Products\n - JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots\n - JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots\n - JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots\n - JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots\n + **5500 EI (Comware 5) - Version: R2221P19**\n * HP Network Products\n - JD373A HP 5500-24G DC EI Switch\n - JD374A HP 5500-24G-SFP EI Switch\n - JD375A HP 5500-48G EI Switch\n - JD376A HP 5500-48G-PoE EI Switch\n - JD377A HP 5500-24G EI Switch\n - JD378A HP 5500-24G-PoE EI Switch\n - JD379A HP 5500-24G-SFP DC EI Switch\n - JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots\n - JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots\n - JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface\n - JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n - JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n + **4800G (Comware 5) - Version: R2221P19**\n * HP Network Products\n - JD007A HP 4800-24G Switch\n - JD008A HP 4800-24G-PoE Switch\n - JD009A HP 4800-24G-SFP Switch\n - JD010A HP 4800-48G Switch\n - JD011A HP 4800-48G-PoE Switch\n + **5500SI (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JD369A HP 5500-24G SI Switch\n - JD370A HP 5500-48G SI Switch\n - JD371A HP 5500-24G-PoE SI Switch\n - JD372A HP 5500-48G-PoE SI Switch\n - JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots\n - JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots\n + **4500G (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JF428A HP 4510-48G Switch\n - JF847A HP 4510-24G Switch\n + **5120 EI (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JE066A HP 5120-24G EI Switch\n - JE067A HP 5120-48G EI Switch\n - JE068A HP 5120-24G EI Switch with 2 Interface Slots\n - JE069A HP 5120-48G EI Switch with 2 Interface Slots\n - JE070A HP 5120-24G-PoE EI 2-slot Switch\n - JE071A HP 5120-48G-PoE EI 2-slot Switch\n - JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots\n - JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots\n - JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots\n - JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots\n + **4210G (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JF844A HP 4210-24G Switch\n - JF845A HP 4210-48G Switch\n - JF846A HP 4210-24G-PoE Switch\n + **5120 SI (Comware 5) - Version: R1516**\n * HP Network Products\n - JE072A HP 5120-48G SI Switch\n - JE072B HPE 5120 48G SI Switch\n - JE073A HP 5120-16G SI Switch\n - JE073B HPE 5120 16G SI Switch\n - JE074A HP 5120-24G SI Switch\n - JE074B HPE 5120 24G SI Switch\n - JG091A HP 5120-24G-PoE+ (370W) SI Switch\n - JG091B HPE 5120 24G PoE+ (370W) SI Switch\n - JG092A HP 5120-24G-PoE+ (170W) SI Switch\n - JG309B HPE 5120 8G PoE+ (180W) SI Switch\n - JG310B HPE 5120 8G PoE+ (65W) SI Switch\n + **3610 (Comware 5) - Version: R5319P14**\n * HP Network Products\n - JD335A HP 3610-48 Switch\n - JD336A HP 3610-24-4G-SFP Switch\n - JD337A HP 3610-24-2G-2G-SFP Switch\n - JD338A HP 3610-24-SFP Switch\n + **3600V2 (Comware 5) - Version: R2110P06**\n * HP Network Products\n - JG299A HP 3600-24 v2 EI Switch\n - JG299B HP 3600-24 v2 EI Switch\n - JG300A HP 3600-48 v2 EI Switch\n - JG300B HP 3600-48 v2 EI Switch\n - JG301A HP 3600-24-PoE+ v2 EI Switch\n - JG301B HP 3600-24-PoE+ v2 EI Switch\n - JG301C HP 3600-24-PoE+ v2 EI Switch\n - JG302A HP 3600-48-PoE+ v2 EI Switch\n - JG302B HP 3600-48-PoE+ v2 EI Switch\n - JG302C HP 3600-48-PoE+ v2 EI Switch\n - JG303A HP 3600-24-SFP v2 EI Switch\n - JG303B HP 3600-24-SFP v2 EI Switch\n - JG304A HP 3600-24 v2 SI Switch\n - JG304B HP 3600-24 v2 SI Switch\n - JG305A HP 3600-48 v2 SI Switch\n - JG305B HP 3600-48 v2 SI Switch\n - JG306A HP 3600-24-PoE+ v2 SI Switch\n - JG306B HP 3600-24-PoE+ v2 SI Switch\n - JG306C HP 3600-24-PoE+ v2 SI Switch\n - JG307A HP 3600-48-PoE+ v2 SI Switch\n - JG307B HP 3600-48-PoE+ v2 SI Switch\n - JG307C HP 3600-48-PoE+ v2 SI Switch\n + **3100V2-48 (Comware 5) - Version: R2110P06**\n * HP Network Products\n - JG315A HP 3100-48 v2 Switch\n - JG315B HP 3100-48 v2 Switch\n + **HP870 (Comware 5) - Version: R2607P46**\n * HP Network Products\n - JG723A HP 870 Unified Wired-WLAN Appliance\n - JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance\n + **HP850 (Comware 5) - Version: R2607P46**\n * HP Network Products\n - JG722A HP 850 Unified Wired-WLAN Appliance\n - JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance\n + **HP830 (Comware 5) - Version: R3507P46**\n * HP Network Products\n - JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch\n - JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch\n - JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch\n - JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant\n + **HP6000 (Comware 5) - Version: R2507P46**\n * HP Network Products\n - JG639A HP 10500/7500 20G Unified Wired-WLAN Module\n - JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module\n + **WX5004-EI (Comware 5) - Version: R2507P46**\n * HP Network Products\n - JD447B HP WX5002 Access Controller\n - JD448A HP WX5004 Access Controller\n - JD448B HP WX5004 Access Controller\n - JD469A HP WX5004 Access Controller\n + **SecBlade FW (Comware 5) - Version: R3181P07**\n * HP Network Products\n - JC635A HP 12500 VPN Firewall Module\n - JD245A HP 9500 VPN Firewall Module\n - JD249A HP 10500/7500 Advanced VPN Firewall Module\n - JD250A HP 6600 Firewall Processing Router Module\n - JD251A HP 8800 Firewall Processing Module\n - JD255A HP 5820 VPN Firewall Module\n + **F1000-E (Comware 5) - Version: R3181P07**\n * HP Network Products\n - JD272A HP F1000-E VPN Firewall Appliance\n + **F1000-A-EI (Comware 5) - Version: R3734P08**\n * HP Network Products\n - JG214A HP F1000-A-EI VPN Firewall Appliance\n + **F1000-S-EI (Comware 5) - Version: R3734P08**\n * HP Network Products\n - JG213A HP F1000-S-EI VPN Firewall Appliance\n + **F5000-A (Comware 5) - Version: F3210P26**\n * HP Network Products\n - JD259A HP A5000-A5 VPN Firewall Chassis\n - JG215A HP F5000 Firewall Main Processing Unit\n - JG216A HP F5000 Firewall Standalone Chassis\n + **U200S and CS (Comware 5) - Version: F5123P33**\n * HP Network Products\n - JD273A HP U200-S UTM Appliance\n + **U200A and M (Comware 5) - Version: F5123P33**\n * HP Network Products\n - JD275A HP U200-A UTM Appliance\n + **F5000-C/S (Comware 5) - Version: R3811P05**\n * HP Network Products\n - JG650A HP F5000-C VPN Firewall Appliance\n - JG370A HP F5000-S VPN Firewall Appliance\n + **SecBlade III (Comware 5) - Version: R3820P06**\n * HP Network Products\n - JG371A HP 12500 20Gbps VPN Firewall Module\n - JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module\n + **6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n + **6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC165A) HP 6600 RPE-X1 Router Module\n - JG781A) HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n + **6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC176A) HP 6602 Router Chassis\n + **HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n + **HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n + **SMB1910 (Comware 5) - Version: R1111**\n * HP Network Products\n - JG540A HP 1910-48 Switch\n - JG539A HP 1910-24-PoE+ Switch\n - JG538A HP 1910-24 Switch\n - JG537A HP 1910-8 -PoE+ Switch\n - JG536A HP 1910-8 Switch\n + **SMB1920 (Comware 5) - Version: R1109**\n * HP Network Products\n - JG928A HP 1920-48G-PoE+ (370W) Switch\n - JG927A HP 1920-48G Switch\n - JG926A HP 1920-24G-PoE+ (370W) Switch\n - JG925A HP 1920-24G-PoE+ (180W) Switch\n - JG924A HP 1920-24G Switch\n - JG923A HP 1920-16G Switch\n - JG922A HP 1920-8G-PoE+ (180W) Switch\n - JG921A HP 1920-8G-PoE+ (65W) Switch\n - JG920A HP 1920-8G Switch\n + **V1910 (Comware 5) - Version: R1516**\n * HP Network Products\n - JE005A HP 1910-16G Switch\n - JE006A HP 1910-24G Switch\n - JE007A HP 1910-24G-PoE (365W) Switch\n - JE008A HP 1910-24G-PoE(170W) Switch\n - JE009A HP 1910-48G Switch\n - JG348A HP 1910-8G Switch\n - JG349A HP 1910-8G-PoE+ (65W) Switch\n - JG350A HP 1910-8G-PoE+ (180W) Switch\n + **SMB 1620 (Comware 5) - Version: R1108**\n * HP Network Products\n - JG914A HP 1620-48G Switch\n - JG913A HP 1620-24G Switch\n - JG912A HP 1620-8G Switch\n\n**COMWARE 7 Products**\n\n + **12500 (Comware 7) - Version: R7376**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n + **10500 (Comware 7) - Version: R7170**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n + **12900 (Comware 7) - Version: R1138P01**\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n + **5900 (Comware 7) - Version: R2422P01**\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n + **MSR1000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n + **MSR2000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n + **MSR3000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n + **MSR4000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n + **VSR (Comware 7) - Version: E0321P01**\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n + **7900 (Comware 7) - Version: R2138P01**\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n + **5130 (Comware 7) - Version: R3109P16**\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n + **5700 (Comware 7) - Version: R2422P01**\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n + **5930 (Comware 7) - Version: R2422P01**\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n + **HSR6600 (Comware 7) - Version: R7103P05**\n * HP Network Products\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n + **HSR6800 (Comware 7) - Version: R7103P05**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing\n - JH075A HP HSR6800 RSE-X3 Router Main Processing Unit\n + **1950 (Comware 7) - Version: R3109P16**\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n + **7500 (Comware 7) - Version: R7170**\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n\n**iMC Products**\n\n + **iMC Plat - Version: iMC Plat 7.1 E0303P16**\n * HP Network Products\n - JD125A HP IMC Std S/W Platform w/100-node\n - JD126A HP IMC Ent S/W Platform w/100-node\n - JD808A HP IMC Ent Platform w/100-node License\n - JD814A HP A-IMC Enterprise Edition Software DVD Media\n - JD815A HP IMC Std Platform w/100-node License\n - JD816A HP A-IMC Standard Edition Software DVD Media\n - JF288AAE HP Network Director to Intelligent Management Center\nUpgrade E-LTU\n - JF289AAE HP Enterprise Management System to Intelligent Management\nCenter Upgrade E-LTU\n - JF377A HP IMC Std S/W Platform w/100-node Lic\n - JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU\n - JF378A HP IMC Ent S/W Platform w/200-node Lic\n - JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU\n - JG546AAE HP IMC Basic SW Platform w/50-node E-LTU\n - JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\n - JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU\n - JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU\n - JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU\n - JG659AAE HP IMC Smart Connect VAE E-LTU\n - JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU\n - JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU\n - JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU\n - JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU\n - JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU\n - JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU\n + **iMC iNode - Version: iNode PC 7.1 E0313, or, iNode PC 7.2 (E0401)**\n * HP Network Products\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n + **iMC TAM_UAM - Version: iMC UAM_TAM 7.1 (E0307)**\n * HP Network Products\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n + **iMC NSM - Version: iMC WSM 7.1 E0303P10**\n * HP Network Products\n - JD456A HP IMC WSM Software Module with 50-Access Point License\n - JF414A HP IMC Wireless Service Manager Software Module with 50-Access\nPoint License\n - JF414AAE HP IMC Wireless Service Manager Software Module with\n50-Access Point E-LTU\n - JG551AAE HP PCM+ Mobility Manager to IMC Wireless Service Manager\nModule Upgrade with 250 Access Point E-LTU\n - JG758AAE HP IMC WSM/RTLS w/ 50-node E-LTU\n - JG769AAE HP PCM Mobility Manager to IMC Wireless Service Manager Upg\nwith 250-node E-LTU\n\n**VCX Products**\n\n + **VCX - Version: 9.8.18**\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n\nHISTORY\nVersion:1 (rev.1) - 5 July 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1n-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zg-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zg-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zg-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zg-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zg-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1n-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1n-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1n-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1n-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1n-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1n-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1n-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1n-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1n-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n383ecfed6bfef1440a44d7082745848a openssl-0.9.8zg-i486-1_slack13.0.txz\nfb186187ffa200e22d9450a9d0e321f6 openssl-solibs-0.9.8zg-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\neb52318ed52fef726402f0b2a74745c5 openssl-0.9.8zg-x86_64-1_slack13.0.txz\n9447927b960a01b21149e28a9783021f openssl-solibs-0.9.8zg-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n37f46f6b4fe2acbe217eaf7c0b33b704 openssl-0.9.8zg-i486-1_slack13.1.txz\n986de2e71676f61d788a59a1e0c8de1f openssl-solibs-0.9.8zg-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n6b160ce817dcde3ae5b3a861b284387b openssl-0.9.8zg-x86_64-1_slack13.1.txz\n503d891680c711162386ea7e3daadca8 openssl-solibs-0.9.8zg-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n5e7501b1d73d01d3d87704c3cfd3a888 openssl-0.9.8zg-i486-1_slack13.37.txz\n874f0b59870dd3f259640c9930a02f99 openssl-solibs-0.9.8zg-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\nb6d91614458040d461dff3c3eab45206 openssl-0.9.8zg-x86_64-1_slack13.37.txz\nbe106df5e59c2be7fa442df8ba85ad0b openssl-solibs-0.9.8zg-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\nee7c3937e6a6d7ac7537f751af7da7b9 openssl-1.0.1n-i486-1_slack14.0.txz\n758662437d33f99ec0a686cedeb1919e openssl-solibs-1.0.1n-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n2dfdc4729e93cf460018e9e30a6223dc openssl-1.0.1n-x86_64-1_slack14.0.txz\n9cb4b34e97e60f6bfe4c843aabeae954 openssl-solibs-1.0.1n-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n5a9bf08d55615cfc097109c2e3786f7b openssl-1.0.1n-i486-1_slack14.1.txz\nfb1c05468e5c38d51a8ff6ac435e3a20 openssl-solibs-1.0.1n-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n1ef5cede3f954c3e4741012ffa76b750 openssl-1.0.1n-x86_64-1_slack14.1.txz\nea22c288c60ae1d7ea8c5b3a1608462b openssl-solibs-1.0.1n-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n56db8712d653c060f910e8915a8f8656 a/openssl-solibs-1.0.1n-i586-1.txz\n6d6264c9943e27240db5c8f5ec342e27 n/openssl-1.0.1n-i586-1.txz\n\nSlackware x86_64 -current packages:\ne73f7aff5aa0ad14bc06428544f99ae2 a/openssl-solibs-1.0.1n-x86_64-1.txz\n91b550b9eb0ac0c580e158375a93c0e4 n/openssl-1.0.1n-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1n-i486-1_slack14.1.txz openssl-solibs-1.0.1n-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. OpenSSL Security Advisory [11 Jun 2015]\n=======================================\n\nDHE man-in-the-middle protection (Logjam)\n====================================================================\n\nA vulnerability in the TLS protocol allows a man-in-the-middle\nattacker to downgrade vulnerable TLS connections using ephemeral\nDiffie-Hellman key exchange to 512-bit export-grade cryptography. This\nvulnerability is known as Logjam (CVE-2015-4000). \n\nOpenSSL has added protection for TLS clients by rejecting handshakes\nwith DH parameters shorter than 768 bits. This limit will be increased\nto 1024 bits in a future release. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\n\nFixes for this issue were developed by Emilia K\u00e4sper and Kurt Roeckx\nof the OpenSSL development team. \n\nMalformed ECParameters causes infinite loop (CVE-2015-1788)\n===========================================================\n\nSeverity: Moderate\n\nWhen processing an ECParameters structure OpenSSL enters an infinite loop if\nthe curve specified is over a specially malformed binary polynomial field. \n\nThis can be used to perform denial of service against any\nsystem which processes public keys, certificate requests or\ncertificates. This includes TLS clients and TLS servers with\nclient authentication enabled. \n\nThis issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent\n1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s\nOpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The\nfix was developed by Andy Polyakov of the OpenSSL development team. \n\nExploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n===============================================================\n\nSeverity: Moderate\n\nX509_cmp_time does not properly check the length of the ASN1_TIME\nstring and can read a few bytes out of bounds. In addition,\nX509_cmp_time accepts an arbitrary number of fractional seconds in the\ntime string. \n\nAn attacker can use this to craft malformed certificates and CRLs of\nvarious sizes and potentially cause a segmentation fault, resulting in\na DoS on applications that verify certificates or CRLs. TLS clients\nthat verify CRLs are affected. TLS clients and servers with client\nauthentication enabled may be affected if they use custom verification\ncallbacks. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki\n(Google), and independently on 11th April 2015 by Hanno B\u00f6ck. The fix\nwas developed by Emilia K\u00e4sper of the OpenSSL development team. \n\nPKCS7 crash with missing EnvelopedContent (CVE-2015-1790)\n=========================================================\n\nSeverity: Moderate\n\nThe PKCS#7 parsing code does not handle missing inner EncryptedContent\ncorrectly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs\nwith missing content and trigger a NULL pointer dereference on parsing. \n\nApplications that decrypt PKCS#7 data or otherwise parse PKCS#7\nstructures from untrusted sources are affected. OpenSSL clients and\nservers are not affected. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 18th April 2015 by Michal\nZalewski (Google). The fix was developed by Emilia K\u00e4sper of the\nOpenSSL development team. \n\nCMS verify infinite loop with unknown hash function (CVE-2015-1792)\n===================================================================\n\nSeverity: Moderate\n\nWhen verifying a signedData message the CMS code can enter an infinite loop\nif presented with an unknown hash function OID. \n\nThis can be used to perform denial of service against any system which\nverifies signedData messages using the CMS code. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The\nfix was developed by Dr. Stephen Henson of the OpenSSL development team. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was discovered by Emilia K\u00e4sper of the OpenSSL development team. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nInvalid free in DTLS (CVE-2014-8176)\n====================================\n\nSeverity: Moderate\n\nThis vulnerability does not affect current versions of OpenSSL. It\nexisted in previous OpenSSL versions and was fixed in June 2014. \n\nIf a DTLS peer receives application data between the ChangeCipherSpec\nand Finished messages, buffering of such data may cause an invalid\nfree, resulting in a segmentation fault or potentially, memory\ncorruption. \n\nThis issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThis issue was originally reported on March 28th 2014 in\nhttps://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen\nKariyanahalli, and subsequently by Ivan Fratric and Felix Groebert\n(Google). A fix was developed by zhu qun-ying. \n\nThe fix for this issue can be identified by commits bcc31166 (1.0.1),\nb79e6e3a (1.0.0) and 4b258e73 (0.9.8). \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150611.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1791"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"db": "BID",
"id": "75161"
},
{
"db": "VULMON",
"id": "CVE-2015-1791"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "137201"
},
{
"db": "PACKETSTORM",
"id": "169629"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-1791",
"trust": 3.7
},
{
"db": "BID",
"id": "75161",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10694",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10733",
"trust": 2.0
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1032479",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10122",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU91445763",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003083",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201506-247",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-1791",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132398",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137772",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132285",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136989",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137292",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137201",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169629",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1791"
},
{
"db": "BID",
"id": "75161"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "137201"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-247"
},
{
"db": "NVD",
"id": "CVE-2015-1791"
}
]
},
"id": "VAR-201506-0496",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2242063475
},
"last_update_date": "2024-07-23T19:41:24.247000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht205031"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150612-openssl"
},
{
"title": "Fix race condition in NewSessionTicket",
"trust": 0.8,
"url": "https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc"
},
{
"title": "HPSBUX03388",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143880121627664\u0026amp;w=2"
},
{
"title": "HPSBMU03546",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05045763"
},
{
"title": "\u30a2\u30e9\u30a4\u30c9\u30c6\u30ec\u30b7\u30b9\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91445763/522154/index.html"
},
{
"title": "NV15-010",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-010.html"
},
{
"title": "OpenSSL vulnerabilities",
"trust": 0.8,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"title": "Tarballs",
"trust": 0.8,
"url": "https://www.openssl.org/source/"
},
{
"title": "[11 Jun 2015] DHE man-in-the-middle protection (Logjam)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016verbose-2881725.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"title": "October 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2015_critical_patch_update"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "January 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2016_critical_patch_update"
},
{
"title": "October 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2016_critical_patch_update"
},
{
"title": "JSA10694",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"title": "TLSA-2015-14",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2015/tlsa-2015-14j.html"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/112/1129/1129443_cisco-sa-20150612-openssl-j.html"
},
{
"title": "openssl-1.0.0s",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=56611"
},
{
"title": "openssl-0.9.8zg",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=56610"
},
{
"title": "openssl-1.0.2b",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=56613"
},
{
"title": "openssl-1.0.1n",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=56612"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/07/06/hpe_rushes_out_patch_for_more_than_a_year_of_openssl_vulns/"
},
{
"title": "Red Hat: CVE-2015-1791",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-1791"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2639-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-550",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2015-550"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150612-openssl"
},
{
"title": "Symantec Security Advisories: SA98 : OpenSSL Security Advisory 11-June-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=a7350b0751124b5a44ba8dbd2df71f9f"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/no-25-miner/vulseeker-master "
},
{
"title": "FirmKit",
"trust": 0.1,
"url": "https://github.com/syssec-kaist/firmkit "
},
{
"title": "BinSeeker",
"trust": 0.1,
"url": "https://github.com/buptssegj/binseeker "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1791"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-247"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"db": "NVD",
"id": "CVE-2015-1791"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"trust": 2.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1115.html"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150612-openssl"
},
{
"trust": 2.0,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"trust": 1.7,
"url": "https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.7,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05157667"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05131044"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05184351"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/75161"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10733"
},
{
"trust": 1.7,
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"trust": 1.7,
"url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.7,
"url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.7,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"trust": 1.7,
"url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05353965"
},
{
"trust": 1.7,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2015-008.txt.asc"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10122"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160647.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160436.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2639-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1032479"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1791"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91445763/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1791"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.5,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.5,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022444"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962775"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965845"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/13"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10733\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05353965"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05184351"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/135"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05157667"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022527"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005313"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005376"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962520"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963232"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963954"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966723"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022655"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022724"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101012435"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/fg-ir-15-014/"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/5438/security-advisory-alienvault-v5-0-4-addresses-31-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962519"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962726"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963964"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962039"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020862"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022647"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961800"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961633"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960633"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963096"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960713"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964033"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964441"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960157"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961179"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962623"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?rs=0\u0026uid=swg21963438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959518"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961569"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964113"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005314"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005373"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005434"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960045"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961837"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963498"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966481"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966484"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966847"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966873"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968871"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970020"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970103"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971238"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964030"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966381"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1793"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.2,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131085"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7501"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2017"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6565"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/362.html"
},
{
"trust": 0.1,
"url": "https://github.com/no-25-miner/vulseeker-master"
},
{
"trust": 0.1,
"url": "https://github.com/syssec-kaist/firmkit"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1791"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2639-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=47152"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/swd/public"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1792"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1791"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1788"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?doci"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1789"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1792"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1788"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1790"
},
{
"trust": 0.1,
"url": "https://www.hp.com/swpublishing/mtx-b59b11be53744759a650eadeb4"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/sim"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2015"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0728"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05111017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4969"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05130958"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/info/insightcontrol"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/info/insightmanagement"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2019"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2020"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2018"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2022"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2027"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2026"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2021"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://rt.openssl.org/ticket/display.html?id=3286"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1791"
},
{
"db": "BID",
"id": "75161"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "137201"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-247"
},
{
"db": "NVD",
"id": "CVE-2015-1791"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2015-1791"
},
{
"db": "BID",
"id": "75161"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "132398"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132285"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "137201"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-247"
},
{
"db": "NVD",
"id": "CVE-2015-1791"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-12T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1791"
},
{
"date": "2015-06-11T00:00:00",
"db": "BID",
"id": "75161"
},
{
"date": "2015-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"date": "2016-06-02T16:22:00",
"db": "PACKETSTORM",
"id": "137294"
},
{
"date": "2015-08-06T10:10:00",
"db": "PACKETSTORM",
"id": "132973"
},
{
"date": "2015-06-22T14:14:00",
"db": "PACKETSTORM",
"id": "132398"
},
{
"date": "2016-07-05T18:18:00",
"db": "PACKETSTORM",
"id": "137772"
},
{
"date": "2015-06-12T13:17:58",
"db": "PACKETSTORM",
"id": "132285"
},
{
"date": "2016-05-13T16:14:13",
"db": "PACKETSTORM",
"id": "136989"
},
{
"date": "2016-06-02T19:12:12",
"db": "PACKETSTORM",
"id": "137292"
},
{
"date": "2016-05-26T09:22:00",
"db": "PACKETSTORM",
"id": "137201"
},
{
"date": "2015-06-11T12:12:12",
"db": "PACKETSTORM",
"id": "169629"
},
{
"date": "2015-06-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-247"
},
{
"date": "2015-06-12T19:59:04.397000",
"db": "NVD",
"id": "CVE-2015-1791"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1791"
},
{
"date": "2017-05-23T16:28:00",
"db": "BID",
"id": "75161"
},
{
"date": "2017-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003083"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-247"
},
{
"date": "2022-12-13T12:15:15.400000",
"db": "NVD",
"id": "CVE-2015-1791"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-247"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of ssl/s3_clnt.c of ssl3_get_new_session_ticket Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003083"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competition condition problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-247"
}
],
"trust": 0.6
}
}
VAR-201507-0348
Vulnerability from variot - Updated: 2024-07-23 19:37The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate. OpenSSL Contains a certificate chain validation flaw. 2015 Year 7 Moon 9 Day, OpenSSL Project Than OpenSSL Security Advisory [9 Jul 2015] Has been published. OpenSSL Security Advisory [9 Jul 2015] https://www.openssl.org/news/secadv_20150709.txt According to the advisory, the following vulnerabilities have been fixed: OpenSSL 1.0.2d , 1.0.1p Has been released. Severity − High (Severity: High) ・ Alternative chains certificate forgery (CVE-2015-1793) OpenSSL Tries to build an alternative certificate chain if the certificate validation fails to build the first certificate chain, but there is a flaw in the implementation of this process. As a result, for example CA Flag FALSE A certificate issued using a certificate that is considered to be trusted is not detected as being invalid. CA May be treated as a certificate issued by.Man-in-the-middle attacks (man-in-the-middle attack) By HTTPS The contents of the communication may be viewed or altered. OpenSSL is prone to a security-bypass vulnerability because the application fails to properly verify SSL, TLS, and DTLS certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions. This may aid in further attacks. OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n, and 1.0.1o are vulnerable. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. There is a security vulnerability in the TLS protocol 1.2 and earlier versions. The vulnerability comes from that when the server enables the DHE_EXPORT cipher suite, the program does not pass the DHE_EXPORT option correctly. Attackers can exploit this vulnerability to implement man-in-the-middle attacks and cipher-downgrade attacks by rewriting ClientHello (use DHE_EXPORT instead of DHE) and then rewrite ServerHello (use DHE instead of DHE_EXPORT). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04760669
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04760669 Version: 1
HPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-08-05 Last Updated: 2015-08-05
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running OpenSSL with SSL/TLS enabled.
This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as Logjam which could be exploited remotely resulting in disclosure of information.
References:
CVE-2015-4000: DHE man-in-the-middle protection (Logjam). CVE-2015-1788: Malformed ECParameters causes infinite loop. CVE-2015-1789: Exploitable out-of-bounds read in X509_cmp_time. CVE-2015-1790: PKCS7 crash with missing EnvelopedContent CVE-2015-1791: Race condition handling NewSessionTicket CVE-2015-1792: CMS verify infinite loop with unknown hash function CVE-2015-1793: Alternative Chain Certificate Forgery.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-4000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1793 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided an updated version of OpenSSL to resolve this vulnerability.
A new B.11.31 depot for OpenSSL_A.01.00.01p is available here:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =OPENSSL11I
MANUAL ACTIONS: Yes - Update
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.31
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.01.00.01p or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 5 August 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAlXCSD4ACgkQ4B86/C0qfVlKnQCg5XcK1amrTACEyDY3QtJF75u2 L90AnAgGXxSCZgBVzDQCAezbHbrHPwtg =74KM -----END PGP SIGNATURE----- . The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access.
References:
- CVE-2014-8176 - Remote Denial of Service (DoS)
- CVE-2015-1788 - Remote Denial of Service (DoS)
- CVE-2015-1789 - Remote Denial of Service (DoS)
- CVE-2015-1790 - Remote Denial of Service (DoS)
- CVE-2015-1791 - Remote Denial of Service (DoS)
- CVE-2015-1792 - Remote Denial of Service (DoS)
- CVE-2015-1793 - Remote Unauthorized Access
- PSRT110158, SSRT102264
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Please refer to the RESOLUTION below for a list of impacted products.
COMWARE 5 Products
- A6600 (Comware 5) - Version: R3303P23
- HP Network Products
- JC165A HP 6600 RPE-X1 Router Module
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- HSR6602 (Comware 5) - Version: R3303P23
- HP Network Products
- JC176A HP 6602 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- HSR6800 (Comware 5) - Version: R3303P23
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- MSR20 (Comware 5) - Version: R2514P10
- HP Network Products
- JD432A HP A-MSR20-21 Router
- JD662A HP MSR20-20 Router
- JD663A HP A-MSR20-21 Router
- JD663B HP MSR20-21 Router
- JD664A HP MSR20-40 Router
- JF228A HP MSR20-40 Router
- JF283A HP MSR20-20 Router
- MSR20-1X (Comware 5) - Version: R2514P10
- HP Network Products
- JD431A HP MSR20-10 Router
- JD667A HP MSR20-15 IW Multi-Service Router
- JD668A HP MSR20-13 Multi-Service Router
- JD669A HP MSR20-13 W Multi-Service Router
- JD670A HP MSR20-15 A Multi-Service Router
- JD671A HP MSR20-15 AW Multi-Service Router
- JD672A HP MSR20-15 I Multi-Service Router
- JD673A HP MSR20-11 Multi-Service Router
- JD674A HP MSR20-12 Multi-Service Router
- JD675A HP MSR20-12 W Multi-Service Router
- JD676A HP MSR20-12 T1 Multi-Service Router
- JF236A HP MSR20-15-I Router
- JF237A HP MSR20-15-A Router
- JF238A HP MSR20-15-I-W Router
- JF239A HP MSR20-11 Router
- JF240A HP MSR20-13 Router
- JF241A HP MSR20-12 Router
- JF806A HP MSR20-12-T Router
- JF807A HP MSR20-12-W Router
- JF808A HP MSR20-13-W Router
- JF809A HP MSR20-15-A-W Router
- JF817A HP MSR20-15 Router
- JG209A HP MSR20-12-T-W Router (NA)
- JG210A HP MSR20-13-W Router (NA)
- MSR 30 (Comware 5) - Version: R2514P10
- HP Network Products
- JD654A HP MSR30-60 POE Multi-Service Router
- JD657A HP MSR30-40 Multi-Service Router
- JD658A HP MSR30-60 Multi-Service Router
- JD660A HP MSR30-20 POE Multi-Service Router
- JD661A HP MSR30-40 POE Multi-Service Router
- JD666A HP MSR30-20 Multi-Service Router
- JF229A HP MSR30-40 Router
- JF230A HP MSR30-60 Router
- JF232A HP RTMSR3040-AC-OVSAS-H3
- JF235A HP MSR30-20 DC Router
- JF284A HP MSR30-20 Router
- JF287A HP MSR30-40 DC Router
- JF801A HP MSR30-60 DC Router
- JF802A HP MSR30-20 PoE Router
- JF803A HP MSR30-40 PoE Router
- JF804A HP MSR30-60 PoE Router
- JG728A HP MSR30-20 TAA-compliant DC Router
- JG729A HP MSR30-20 TAA-compliant Router
- MSR 30-16 (Comware 5) - Version: R2514P10
- HP Network Products
- JD659A HP MSR30-16 POE Multi-Service Router
- JD665A HP MSR30-16 Multi-Service Router
- JF233A HP MSR30-16 Router
- JF234A HP MSR30-16 PoE Router
- MSR 30-1X (Comware 5) - Version: R2514P10
- HP Network Products
- JF800A HP MSR30-11 Router
- JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr
- JG182A HP MSR30-11E Router
- JG183A HP MSR30-11F Router
- JG184A HP MSR30-10 DC Router
- MSR 50 (Comware 5) - Version: R2514P10
- HP Network Products
- JD433A HP MSR50-40 Router
- JD653A HP MSR50 Processor Module
- JD655A HP MSR50-40 Multi-Service Router
- JD656A HP MSR50-60 Multi-Service Router
- JF231A HP MSR50-60 Router
- JF285A HP MSR50-40 DC Router
- JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply
- MSR 50-G2 (Comware 5) - Version: R2514P10
- HP Network Products
- JD429A HP MSR50 G2 Processor Module
- JD429B HP MSR50 G2 Processor Module
- MSR 9XX (Comware 5) - Version: R2514P10
- HP Network Products
- JF812A HP MSR900 Router
- JF813A HP MSR920 Router
- JF814A HP MSR900-W Router
- JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr
- JG207A HP MSR900-W Router (NA)
- JG208A HP MSR920-W Router (NA)
- MSR 93X (Comware 5) - Version: R2514P10
- HP Network Products
- JG511A HP MSR930 Router
- JG511B HP MSR930 Router
- JG512A HP MSR930 Wireless Router
- JG513A HP MSR930 3G Router
- JG513B HP MSR930 3G Router
- JG514A HP MSR931 Router
- JG514B HP MSR931 Router
- JG515A HP MSR931 3G Router
- JG516A HP MSR933 Router
- JG517A HP MSR933 3G Router
- JG518A HP MSR935 Router
- JG518B HP MSR935 Router
- JG519A HP MSR935 Wireless Router
- JG520A HP MSR935 3G Router
- JG531A HP MSR931 Dual 3G Router
- JG531B HP MSR931 Dual 3G Router
- JG596A HP MSR930 4G LTE/3G CDMA Router
- JG597A HP MSR936 Wireless Router
- JG665A HP MSR930 4G LTE/3G WCDMA Global Router
- JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
- JH009A HP MSR931 Serial (TI) Router
- JH010A HP MSR933 G.SHDSL (TI) Router
- JH011A HP MSR935 ADSL2+ (TI) Router
- JH012A HP MSR930 Wireless 802.11n (NA) Router
- JH012B HP MSR930 Wireless 802.11n (NA) Router
- JH013A HP MSR935 Wireless 802.11n (NA) Router
- MSR1000 (Comware 5) - Version: R2514P10
- HP Network Products
- JG732A HP MSR1003-8 AC Router
- 12500 (Comware 5) - Version: R1829P01
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JC808A HP 12500 TAA Main Processing Unit
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- 9500E (Comware 5) - Version: R1829P01
- HP Network Products
- JC124A HP A9508 Switch Chassis
- JC124B HP 9505 Switch Chassis
- JC125A HP A9512 Switch Chassis
- JC125B HP 9512 Switch Chassis
- JC474A HP A9508-V Switch Chassis
- JC474B HP 9508-V Switch Chassis
- 10500 (Comware 5) - Version: R1210P01
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC614A HP 10500 Main Processing Unit
- JC748A HP 10512 Switch Chassis
- JG375A HP 10500 TAA-compliant Main Processing Unit
- JG820A HP 10504 TAA-compliant Switch Chassis
- JG821A HP 10508 TAA-compliant Switch Chassis
- JG822A HP 10508-V TAA-compliant Switch Chassis
- JG823A HP 10512 TAA-compliant Switch Chassis
- 7500 (Comware 5) - Version: R6710P01
- HP Network Products
- JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port Gig-T/4-port GbE Combo
- JC697A HP 7502 TAA-compliant Main Processing Unit
- JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8 GbE Combo Ports
- JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP Ports
- JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit
- JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit
- JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD194A HP 7500 384Gbps Fabric Module
- JD194B HP 7500 384Gbps Fabric Module
- JD195A HP 7500 384Gbps Advanced Fabric Module
- JD196A HP 7502 Fabric Module
- JD220A HP 7500 768Gbps Fabric Module
- JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports
- JD238A HP 7510 Switch Chassis
- JD238B HP 7510 Switch Chassis
- JD239A HP 7506 Switch Chassis
- JD239B HP 7506 Switch Chassis
- JD240A HP 7503 Switch Chassis
- JD240B HP 7503 Switch Chassis
- JD241A HP 7506-V Switch Chassis
- JD241B HP 7506-V Switch Chassis
- JD242A HP 7502 Switch Chassis
- JD242B HP 7502 Switch Chassis
- JD243A HP 7503-S Switch Chassis with 1 Fabric Slot
- JD243B HP 7503-S Switch Chassis with 1 Fabric Slot
- JE164A HP E7902 Switch Chassis
- JE165A HP E7903 Switch Chassis
- JE166A HP E7903 1 Fabric Slot Switch Chassis
- JE167A HP E7906 Switch Chassis
- JE168A HP E7906 Vertical Switch Chassis
- JE169A HP E7910 Switch Chassis
- 5830 (Comware 5) - Version: R1118P13
- HP Network Products
- JC691A HP 5830AF-48G Switch with 1 Interface Slot
- JC694A HP 5830AF-96G Switch
- JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot
- JG374A HP 5830AF-96G TAA-compliant Switch
- 5800 (Comware 5) - Version: R1809P11
- HP Network Products
- JC099A HP 5800-24G-PoE Switch
- JC099B HP 5800-24G-PoE+ Switch
- JC100A HP 5800-24G Switch
- JC100B HP 5800-24G Switch
- JC101A HP 5800-48G Switch with 2 Slots
- JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots
- JC103A HP 5800-24G-SFP Switch
- JC103B HP 5800-24G-SFP Switch with 1 Interface Slot
- JC104A HP 5800-48G-PoE Switch
- JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot
- JC105A HP 5800-48G Switch
- JC105B HP 5800-48G Switch with 1 Interface Slot
- JG254A HP 5800-24G-PoE+ TAA-compliant Switch
- JG254B HP 5800-24G-PoE+ TAA-compliant Switch
- JG255A HP 5800-24G TAA-compliant Switch
- JG255B HP 5800-24G TAA-compliant Switch
- JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG225A HP 5800AF-48G Switch
- JG225B HP 5800AF-48G Switch
- JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots
- JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface
- JG243A HP 5820-24XG-SFP+ TAA-compliant Switch
- JG243B HP 5820-24XG-SFP+ TAA-compliant Switch
- JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots & 1 OAA Slot
- JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots and 1 OAA Slot
- JC106A HP 5820-14XG-SFP+ Switch with 2 Slots
- JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots & 1 OAA Slot
- JG219A HP 5820AF-24XG Switch
- JG219B HP 5820AF-24XG Switch
- JC102A HP 5820-24XG-SFP+ Switch
- JC102B HP 5820-24XG-SFP+ Switch
- 5500 HI (Comware 5) - Version: R5501P17
- HP Network Products
- JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots
- JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots
- JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots
- JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots
- 5500 EI (Comware 5) - Version: R2221P19
- HP Network Products
- JD373A HP 5500-24G DC EI Switch
- JD374A HP 5500-24G-SFP EI Switch
- JD375A HP 5500-48G EI Switch
- JD376A HP 5500-48G-PoE EI Switch
- JD377A HP 5500-24G EI Switch
- JD378A HP 5500-24G-PoE EI Switch
- JD379A HP 5500-24G-SFP DC EI Switch
- JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots
- JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots
- JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface
- JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots
- JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots
- JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- 4800G (Comware 5) - Version: R2221P19
- HP Network Products
- JD007A HP 4800-24G Switch
- JD008A HP 4800-24G-PoE Switch
- JD009A HP 4800-24G-SFP Switch
- JD010A HP 4800-48G Switch
- JD011A HP 4800-48G-PoE Switch
- 5500SI (Comware 5) - Version: R2221P20
- HP Network Products
- JD369A HP 5500-24G SI Switch
- JD370A HP 5500-48G SI Switch
- JD371A HP 5500-24G-PoE SI Switch
- JD372A HP 5500-48G-PoE SI Switch
- JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots
- JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots
- 4500G (Comware 5) - Version: R2221P20
- HP Network Products
- JF428A HP 4510-48G Switch
- JF847A HP 4510-24G Switch
- 5120 EI (Comware 5) - Version: R2221P20
- HP Network Products
- JE066A HP 5120-24G EI Switch
- JE067A HP 5120-48G EI Switch
- JE068A HP 5120-24G EI Switch with 2 Interface Slots
- JE069A HP 5120-48G EI Switch with 2 Interface Slots
- JE070A HP 5120-24G-PoE EI 2-slot Switch
- JE071A HP 5120-48G-PoE EI 2-slot Switch
- JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots
- JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots
- JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots
- JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots
- JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots
- JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots
- 4210G (Comware 5) - Version: R2221P20
- HP Network Products
- JF844A HP 4210-24G Switch
- JF845A HP 4210-48G Switch
- JF846A HP 4210-24G-PoE Switch
- 5120 SI (Comware 5) - Version: R1516
- HP Network Products
- JE072A HP 5120-48G SI Switch
- JE072B HPE 5120 48G SI Switch
- JE073A HP 5120-16G SI Switch
- JE073B HPE 5120 16G SI Switch
- JE074A HP 5120-24G SI Switch
- JE074B HPE 5120 24G SI Switch
- JG091A HP 5120-24G-PoE+ (370W) SI Switch
- JG091B HPE 5120 24G PoE+ (370W) SI Switch
- JG092A HP 5120-24G-PoE+ (170W) SI Switch
- JG309B HPE 5120 8G PoE+ (180W) SI Switch
- JG310B HPE 5120 8G PoE+ (65W) SI Switch
- 3610 (Comware 5) - Version: R5319P14
- HP Network Products
- JD335A HP 3610-48 Switch
- JD336A HP 3610-24-4G-SFP Switch
- JD337A HP 3610-24-2G-2G-SFP Switch
- JD338A HP 3610-24-SFP Switch
- 3600V2 (Comware 5) - Version: R2110P06
- HP Network Products
- JG299A HP 3600-24 v2 EI Switch
- JG299B HP 3600-24 v2 EI Switch
- JG300A HP 3600-48 v2 EI Switch
- JG300B HP 3600-48 v2 EI Switch
- JG301A HP 3600-24-PoE+ v2 EI Switch
- JG301B HP 3600-24-PoE+ v2 EI Switch
- JG301C HP 3600-24-PoE+ v2 EI Switch
- JG302A HP 3600-48-PoE+ v2 EI Switch
- JG302B HP 3600-48-PoE+ v2 EI Switch
- JG302C HP 3600-48-PoE+ v2 EI Switch
- JG303A HP 3600-24-SFP v2 EI Switch
- JG303B HP 3600-24-SFP v2 EI Switch
- JG304A HP 3600-24 v2 SI Switch
- JG304B HP 3600-24 v2 SI Switch
- JG305A HP 3600-48 v2 SI Switch
- JG305B HP 3600-48 v2 SI Switch
- JG306A HP 3600-24-PoE+ v2 SI Switch
- JG306B HP 3600-24-PoE+ v2 SI Switch
- JG306C HP 3600-24-PoE+ v2 SI Switch
- JG307A HP 3600-48-PoE+ v2 SI Switch
- JG307B HP 3600-48-PoE+ v2 SI Switch
- JG307C HP 3600-48-PoE+ v2 SI Switch
- 3100V2-48 (Comware 5) - Version: R2110P06
- HP Network Products
- JG315A HP 3100-48 v2 Switch
- JG315B HP 3100-48 v2 Switch
- HP870 (Comware 5) - Version: R2607P46
- HP Network Products
- JG723A HP 870 Unified Wired-WLAN Appliance
- JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance
- HP850 (Comware 5) - Version: R2607P46
- HP Network Products
- JG722A HP 850 Unified Wired-WLAN Appliance
- JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance
- HP830 (Comware 5) - Version: R3507P46
- HP Network Products
- JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch
- JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch
- JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch
- JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant
- HP6000 (Comware 5) - Version: R2507P46
- HP Network Products
- JG639A HP 10500/7500 20G Unified Wired-WLAN Module
- JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module
- WX5004-EI (Comware 5) - Version: R2507P46
- HP Network Products
- JD447B HP WX5002 Access Controller
- JD448A HP WX5004 Access Controller
- JD448B HP WX5004 Access Controller
- JD469A HP WX5004 Access Controller
- SecBlade FW (Comware 5) - Version: R3181P07
- HP Network Products
- JC635A HP 12500 VPN Firewall Module
- JD245A HP 9500 VPN Firewall Module
- JD249A HP 10500/7500 Advanced VPN Firewall Module
- JD250A HP 6600 Firewall Processing Router Module
- JD251A HP 8800 Firewall Processing Module
- JD255A HP 5820 VPN Firewall Module
- F1000-E (Comware 5) - Version: R3181P07
- HP Network Products
- JD272A HP F1000-E VPN Firewall Appliance
- F1000-A-EI (Comware 5) - Version: R3734P08
- HP Network Products
- JG214A HP F1000-A-EI VPN Firewall Appliance
- F1000-S-EI (Comware 5) - Version: R3734P08
- HP Network Products
- JG213A HP F1000-S-EI VPN Firewall Appliance
- F5000-A (Comware 5) - Version: F3210P26
- HP Network Products
- JD259A HP A5000-A5 VPN Firewall Chassis
- JG215A HP F5000 Firewall Main Processing Unit
- JG216A HP F5000 Firewall Standalone Chassis
- U200S and CS (Comware 5) - Version: F5123P33
- HP Network Products
- JD273A HP U200-S UTM Appliance
- U200A and M (Comware 5) - Version: F5123P33
- HP Network Products
- JD275A HP U200-A UTM Appliance
- F5000-C/S (Comware 5) - Version: R3811P05
- HP Network Products
- JG650A HP F5000-C VPN Firewall Appliance
- JG370A HP F5000-S VPN Firewall Appliance
- SecBlade III (Comware 5) - Version: R3820P06
- HP Network Products
- JG371A HP 12500 20Gbps VPN Firewall Module
- JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module
- 6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- 6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC165A) HP 6600 RPE-X1 Router Module
- JG781A) HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- 6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC176A) HP 6602 Router Chassis
- HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- SMB1910 (Comware 5) - Version: R1111
- HP Network Products
- JG540A HP 1910-48 Switch
- JG539A HP 1910-24-PoE+ Switch
- JG538A HP 1910-24 Switch
- JG537A HP 1910-8 -PoE+ Switch
- JG536A HP 1910-8 Switch
- SMB1920 (Comware 5) - Version: R1109
- HP Network Products
- JG928A HP 1920-48G-PoE+ (370W) Switch
- JG927A HP 1920-48G Switch
- JG926A HP 1920-24G-PoE+ (370W) Switch
- JG925A HP 1920-24G-PoE+ (180W) Switch
- JG924A HP 1920-24G Switch
- JG923A HP 1920-16G Switch
- JG922A HP 1920-8G-PoE+ (180W) Switch
- JG921A HP 1920-8G-PoE+ (65W) Switch
- JG920A HP 1920-8G Switch
- V1910 (Comware 5) - Version: R1516
- HP Network Products
- JE005A HP 1910-16G Switch
- JE006A HP 1910-24G Switch
- JE007A HP 1910-24G-PoE (365W) Switch
- JE008A HP 1910-24G-PoE(170W) Switch
- JE009A HP 1910-48G Switch
- JG348A HP 1910-8G Switch
- JG349A HP 1910-8G-PoE+ (65W) Switch
- JG350A HP 1910-8G-PoE+ (180W) Switch
- SMB 1620 (Comware 5) - Version: R1108
- HP Network Products
- JG914A HP 1620-48G Switch
- JG913A HP 1620-24G Switch
- JG912A HP 1620-8G Switch
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7376
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- 10500 (Comware 7) - Version: R7170
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- 12900 (Comware 7) - Version: R1138P01
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- 5900 (Comware 7) - Version: R2422P01
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- MSR1000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- MSR2000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- MSR3000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- MSR4000 (Comware 7) - Version: R0305P04
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- VSR (Comware 7) - Version: E0321P01
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- 7900 (Comware 7) - Version: R2138P01
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- 5130 (Comware 7) - Version: R3109P16
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- 5700 (Comware 7) - Version: R2422P01
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- 5930 (Comware 7) - Version: R2422P01
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- HSR6600 (Comware 7) - Version: R7103P05
- HP Network Products
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- HSR6800 (Comware 7) - Version: R7103P05
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing
- JH075A HP HSR6800 RSE-X3 Router Main Processing Unit
- 1950 (Comware 7) - Version: R3109P16
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- 7500 (Comware 7) - Version: R7170
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
iMC Products
- iMC Plat - Version: iMC Plat 7.1 E0303P16
- HP Network Products
- JD125A HP IMC Std S/W Platform w/100-node
- JD126A HP IMC Ent S/W Platform w/100-node
- JD808A HP IMC Ent Platform w/100-node License
- JD814A HP A-IMC Enterprise Edition Software DVD Media
- JD815A HP IMC Std Platform w/100-node License
- JD816A HP A-IMC Standard Edition Software DVD Media
- JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU
- JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU
- JF377A HP IMC Std S/W Platform w/100-node Lic
- JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU
- JF378A HP IMC Ent S/W Platform w/200-node Lic
- JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU
- JG546AAE HP IMC Basic SW Platform w/50-node E-LTU
- JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU
- JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU
- JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU
- JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU
- JG659AAE HP IMC Smart Connect VAE E-LTU
- JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU
- JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU
- JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU
- JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU
- JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU
- JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU
- iMC iNode - Version: iNode PC 7.1 E0313, or, iNode PC 7.2 (E0401)
- HP Network Products
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
- iMC TAM_UAM - Version: iMC UAM_TAM 7.1 (E0307)
- HP Network Products
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
- iMC NSM - Version: iMC WSM 7.1 E0303P10
- HP Network Products
- JD456A HP IMC WSM Software Module with 50-Access Point License
- JF414A HP IMC Wireless Service Manager Software Module with 50-Access Point License
- JF414AAE HP IMC Wireless Service Manager Software Module with 50-Access Point E-LTU
- JG551AAE HP PCM+ Mobility Manager to IMC Wireless Service Manager Module Upgrade with 250 Access Point E-LTU
- JG758AAE HP IMC WSM/RTLS w/ 50-node E-LTU
- JG769AAE HP PCM Mobility Manager to IMC Wireless Service Manager Upg with 250-node E-LTU
VCX Products
- VCX - Version: 9.8.18
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
HISTORY Version:1 (rev.1) - 5 July 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1p"
References
[ 1 ] CVE-2015-1793 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1793
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201507-15
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . The vulnerability could be exploited to allow remote authentication bypass.
Note: HP C.A. contains a version of Node.js, that when used in FIPS mode is affected by Alternative Chains Certificate Forgery Vulnerability (CVE-2015-1793). The patch is available from HP Software Support Online portal (HP SSO).
Note: This patch includes Node.js for FIPS mode that includes the newer version of OpenSSL (1.0.2d) which addresses the vulnerability. The bulletin does not apply to any other 3rd party application (e.g. operating system, web server, or application server) that may be required to be installed by the customer according instructions in the product install guide. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-15:12.openssl Security Advisory The FreeBSD Project
Topic: OpenSSL alternate chains certificate forgery vulnerability
Category: contrib Module: openssl Announced: 2015-07-09 Credits: Adam Langley/David Benjamin (Google/BoringSSL), OpenSSL Affects: FreeBSD 10.1-STABLE after 2015-06-11 and prior to the correction date. Corrected: 2015-07-09 17:17:22 UTC (stable/10, 10.2-PRERELEASE, 10.2-BETA1) CVE Name: CVE-2015-1793
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
II.
An error in the implementation of this logic could erroneously mark certificate as trusted when they should not.
III.
IV. Workaround
No workaround is available.
NOTE WELL: This issue does not affect earlier FreeBSD releases, including the supported 8.4, 9.3 and 10.1-RELEASE because the alternative certificate chain feature was not introduced in these releases. Only 10.1-STABLE after 2015-06-11 and prior to the correction date is affected.
V. Solution
Upgrade your vulnerable system to the latest supported FreeBSD stable/10 branch dated after the correction date.
Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/10/ r285330
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII.
This issue will impact any application that verifies certificates including SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.
OpenSSL 1.0.2b/1.0.2c users should upgrade to 1.0.2d OpenSSL 1.0.1n/1.0.1o users should upgrade to 1.0.1p
This issue was reported to OpenSSL on 24th June 2015 by Adam Langley/David Benjamin (Google/BoringSSL). The fix was developed by the BoringSSL project.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150709.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201507-0348",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.8,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.8,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.8,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.8,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "3.2"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "3.0"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.2.0"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.1.2.2"
},
{
"model": "opus 10g ethernet switch family",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "2.0.0.6"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.1.3.0"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise monitor 2.3.20"
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise monitor 3.0.22"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "base platform 11.1.0.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "base platform 11.2.0.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "base platform 12.1.0.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "base platform 12.1.0.5"
},
{
"model": "enterprise manager",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "grid control of oss support tools 8.8.15.7.15"
},
{
"model": "enterprise manager",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "ops center 12.1.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "ops center 12.2.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "ops center 12.2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "ops center 12.3.0"
},
{
"model": "ethernet switch",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "es2-64 2.0.0.6"
},
{
"model": "ethernet switch",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "es2-72 2.0.0.6"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle business intelligence enterprise edition 11.1.1.7.0"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle business intelligence enterprise edition 11.1.1.9.0"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle endeca server 7.3.0.0"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle endeca server 7.4.0.0"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle endeca server 7.5.0.0"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle endeca server 7.6.0.0"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle tuxedo 12.1.1.0"
},
{
"model": "jd edwards products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of jd edwards world security a9.4"
},
{
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.53"
},
{
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.54"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle agile engineering data management 6.1.2.2"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle agile engineering data management 6.1.3.0"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle agile engineering data management 6.2.0.0"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.1"
},
{
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.2"
},
{
"model": "switch",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "es1-24 1.3.1.13"
},
{
"model": "sun blade 6000 ethernet switched nem 24p 10ge",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "1.2.2.13"
},
{
"model": "sun network 10ge switch 72p",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "1.2.2.15"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0 manager component"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver8.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "hs series"
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7400/nv5400/nv3400 series"
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7500/nv5500/nv3500 series"
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.0"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.01"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.02"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.1"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v4.2 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard edition v4.2 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard-j edition v4.1 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "uddi registry v1.1 to v7.1"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v4.1 to v6.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v7.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard edition v7.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v8.2 to v9.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard-j edition v7.1 to v8.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v7.1 to v8.1"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.4 to v9.2"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "webotx sip application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard edition v7.1 to v8.1"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator ver3.1.0.x to ver4.1.0.x"
},
{
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "opus 10g ethernet switch family",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "2.0.0.6"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "junos 12.1x47-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.4"
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "junos 13.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.35"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.4"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "agile engineering data management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.2.2"
},
{
"model": "ios xe",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.14"
},
{
"model": "rational automation framework ifix5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "imc products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"model": "digital media players 5.3 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.11"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"model": "telepresence conductor xc4.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.16"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "ethernet switch es2-64",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.0.6"
},
{
"model": "ios xe",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.15"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.3"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "junos 12.3x48-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aspera enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.5"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "ethernet switch es2-72",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.0.6"
},
{
"model": "junos 15.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.36"
},
{
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5.1"
},
{
"model": "junos 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ethernet switch es2-64",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.9.1"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.5"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.34"
},
{
"model": "digital media players 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "jd edwards world security a9.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "junos 13.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sun blade ethernet switched nem 24p 10ge",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "60000"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4.1"
},
{
"model": "aspera orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ethernet switch es2-72",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.9.1"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"model": "junos 12.1x44-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1p",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 15.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "50"
},
{
"model": "prime network services controller 3.4.1c",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.6.0"
},
{
"model": "hp-ux b.11.11.16.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9"
},
{
"model": "webex messenger service ep1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "switch es1-24",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "hp-ux b.11.11.13.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 14.1r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "ios xe",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.13"
},
{
"model": "10.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "hp-ux b.11.23.1.007",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.5.0"
},
{
"model": "sun network 10ge switch 72p",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security manager sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.8"
},
{
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "rational tau interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "junos 14.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "hp-ux b.11.11.02.008",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "aspera point to point",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.5"
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x46-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "netinsight",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.14"
},
{
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "esight network v300r003c10spc201",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "agile engineering data management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.3.0"
},
{
"model": "socialminer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "junos 14.2r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.3.0"
},
{
"model": "aspera faspex application",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.2"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.2x51-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "model d9485 davic qpsk",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "vcx products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "agile engineering data management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.0.0"
},
{
"model": "junos 12.1x47-d45",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "nexus series fex",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "tuxedo",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.1.0"
},
{
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "junos 12.1x44-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1"
},
{
"model": "rational tau interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "hp-ux b.11.11.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "puredata system for analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "industrial router 1.2.1rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "hp-ux b.11.23.07.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "netezza host management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7.0"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.2d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "junos 12.1x46-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "junos 12.3r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aspera proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.2"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "junos 13.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "esight network v300r003c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "junos 15.1x49-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "switch es1-24",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.3"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.4"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "junos 14.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"model": "aspera enterprise server client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.5"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "aspera ondemand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.4"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"model": "digital media players series 5.3 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud service automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.5"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "hp-ux b.11.11.14.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "junos 12.3x48-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.32"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sun blade ethernet switched nem 24p 10ge",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "60001.2.2.13"
},
{
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switch es1-24",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1.3.1.3"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.9"
},
{
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "network performance analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "hp-ux b.11.11.15.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"model": "junos 15.1x49-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "model d9485 davic qpsk",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.2.19"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.1"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.33"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.6.0"
},
{
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sun network 10ge switch 72p",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1.2.2.15"
},
{
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "digital media players series 5.3 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "75652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-298"
},
{
"db": "NVD",
"id": "CVE-2015-1793"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:supply_chain_products_suite:6.1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:supply_chain_products_suite:6.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:supply_chain_products_suite:6.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:opus_10g_ethernet_switch_family:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.0.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1793"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Langley of Google and David Benjamin of BoringSSL.",
"sources": [
{
"db": "BID",
"id": "75652"
}
],
"trust": 0.3
},
"cve": "CVE-2015-1793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-1793",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-79754",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-81961",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2015-1793",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-1793",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201507-298",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-79754",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81961",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-1793",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-79754"
},
{
"db": "VULHUB",
"id": "VHN-81961"
},
{
"db": "VULMON",
"id": "CVE-2015-1793"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-298"
},
{
"db": "NVD",
"id": "CVE-2015-1793"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate. OpenSSL Contains a certificate chain validation flaw. 2015 Year 7 Moon 9 Day, OpenSSL Project Than OpenSSL Security Advisory [9 Jul 2015] Has been published. OpenSSL Security Advisory [9 Jul 2015] https://www.openssl.org/news/secadv_20150709.txt According to the advisory, the following vulnerabilities have been fixed: OpenSSL 1.0.2d , 1.0.1p Has been released. Severity \u2212 High (Severity: High) \uff65 Alternative chains certificate forgery (CVE-2015-1793) OpenSSL Tries to build an alternative certificate chain if the certificate validation fails to build the first certificate chain, but there is a flaw in the implementation of this process. As a result, for example CA Flag FALSE A certificate issued using a certificate that is considered to be trusted is not detected as being invalid. CA May be treated as a certificate issued by.Man-in-the-middle attacks (man-in-the-middle attack) By HTTPS The contents of the communication may be viewed or altered. OpenSSL is prone to a security-bypass vulnerability because the application fails to properly verify SSL, TLS, and DTLS certificates. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions. This may aid in further attacks. \nOpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n, and 1.0.1o are vulnerable. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. There is a security vulnerability in the TLS protocol 1.2 and earlier versions. The vulnerability comes from that when the server enables the DHE_EXPORT cipher suite, the program does not pass the DHE_EXPORT option correctly. Attackers can exploit this vulnerability to implement man-in-the-middle attacks and cipher-downgrade attacks by rewriting ClientHello (use DHE_EXPORT instead of DHE) and then rewrite ServerHello (use DHE instead of DHE_EXPORT). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04760669\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04760669\nVersion: 1\n\nHPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-08-05\nLast Updated: 2015-08-05\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running\nOpenSSL with SSL/TLS enabled. \n\nThis is the TLS vulnerability using US export-grade 512-bit keys in\nDiffie-Hellman key exchange known as Logjam which could be exploited remotely\nresulting in disclosure of information. \n\nReferences:\n\nCVE-2015-4000: DHE man-in-the-middle protection (Logjam). \nCVE-2015-1788: Malformed ECParameters causes infinite loop. \nCVE-2015-1789: Exploitable out-of-bounds read in X509_cmp_time. \nCVE-2015-1790: PKCS7 crash with missing EnvelopedContent\nCVE-2015-1791: Race condition handling NewSessionTicket\nCVE-2015-1792: CMS verify infinite loop with unknown hash function\nCVE-2015-1793: Alternative Chain Certificate Forgery. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-4000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1793 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided an updated version of OpenSSL to resolve this vulnerability. \n\nA new B.11.31 depot for OpenSSL_A.01.00.01p is available here:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=OPENSSL11I\n\nMANUAL ACTIONS: Yes - Update\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.31\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.01.00.01p or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 5 August 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niEYEARECAAYFAlXCSD4ACgkQ4B86/C0qfVlKnQCg5XcK1amrTACEyDY3QtJF75u2\nL90AnAgGXxSCZgBVzDQCAezbHbrHPwtg\n=74KM\n-----END PGP SIGNATURE-----\n. The\nvulnerabilities could be exploited remotely resulting in Denial of Service\n(DoS) or unauthorized access. \n\nReferences:\n\n - CVE-2014-8176 - Remote Denial of Service (DoS)\n - CVE-2015-1788 - Remote Denial of Service (DoS)\n - CVE-2015-1789 - Remote Denial of Service (DoS)\n - CVE-2015-1790 - Remote Denial of Service (DoS)\n - CVE-2015-1791 - Remote Denial of Service (DoS)\n - CVE-2015-1792 - Remote Denial of Service (DoS)\n - CVE-2015-1793 - Remote Unauthorized Access\n - PSRT110158, SSRT102264\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nPlease refer to the RESOLUTION\n below for a list of impacted products. \n\n**COMWARE 5 Products**\n\n + **A6600 (Comware 5) - Version: R3303P23**\n * HP Network Products\n - JC165A HP 6600 RPE-X1 Router Module\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n - JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n + **HSR6602 (Comware 5) - Version: R3303P23**\n * HP Network Products\n - JC176A HP 6602 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n + **HSR6800 (Comware 5) - Version: R3303P23**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n + **MSR20 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD432A HP A-MSR20-21 Router\n - JD662A HP MSR20-20 Router\n - JD663A HP A-MSR20-21 Router\n - JD663B HP MSR20-21 Router\n - JD664A HP MSR20-40 Router\n - JF228A HP MSR20-40 Router\n - JF283A HP MSR20-20 Router\n + **MSR20-1X (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD431A HP MSR20-10 Router\n - JD667A HP MSR20-15 IW Multi-Service Router\n - JD668A HP MSR20-13 Multi-Service Router\n - JD669A HP MSR20-13 W Multi-Service Router\n - JD670A HP MSR20-15 A Multi-Service Router\n - JD671A HP MSR20-15 AW Multi-Service Router\n - JD672A HP MSR20-15 I Multi-Service Router\n - JD673A HP MSR20-11 Multi-Service Router\n - JD674A HP MSR20-12 Multi-Service Router\n - JD675A HP MSR20-12 W Multi-Service Router\n - JD676A HP MSR20-12 T1 Multi-Service Router\n - JF236A HP MSR20-15-I Router\n - JF237A HP MSR20-15-A Router\n - JF238A HP MSR20-15-I-W Router\n - JF239A HP MSR20-11 Router\n - JF240A HP MSR20-13 Router\n - JF241A HP MSR20-12 Router\n - JF806A HP MSR20-12-T Router\n - JF807A HP MSR20-12-W Router\n - JF808A HP MSR20-13-W Router\n - JF809A HP MSR20-15-A-W Router\n - JF817A HP MSR20-15 Router\n - JG209A HP MSR20-12-T-W Router (NA)\n - JG210A HP MSR20-13-W Router (NA)\n + **MSR 30 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD654A HP MSR30-60 POE Multi-Service Router\n - JD657A HP MSR30-40 Multi-Service Router\n - JD658A HP MSR30-60 Multi-Service Router\n - JD660A HP MSR30-20 POE Multi-Service Router\n - JD661A HP MSR30-40 POE Multi-Service Router\n - JD666A HP MSR30-20 Multi-Service Router\n - JF229A HP MSR30-40 Router\n - JF230A HP MSR30-60 Router\n - JF232A HP RTMSR3040-AC-OVSAS-H3\n - JF235A HP MSR30-20 DC Router\n - JF284A HP MSR30-20 Router\n - JF287A HP MSR30-40 DC Router\n - JF801A HP MSR30-60 DC Router\n - JF802A HP MSR30-20 PoE Router\n - JF803A HP MSR30-40 PoE Router\n - JF804A HP MSR30-60 PoE Router\n - JG728A HP MSR30-20 TAA-compliant DC Router\n - JG729A HP MSR30-20 TAA-compliant Router\n + **MSR 30-16 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD659A HP MSR30-16 POE Multi-Service Router\n - JD665A HP MSR30-16 Multi-Service Router\n - JF233A HP MSR30-16 Router\n - JF234A HP MSR30-16 PoE Router\n + **MSR 30-1X (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JF800A HP MSR30-11 Router\n - JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\n - JG182A HP MSR30-11E Router\n - JG183A HP MSR30-11F Router\n - JG184A HP MSR30-10 DC Router\n + **MSR 50 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD433A HP MSR50-40 Router\n - JD653A HP MSR50 Processor Module\n - JD655A HP MSR50-40 Multi-Service Router\n - JD656A HP MSR50-60 Multi-Service Router\n - JF231A HP MSR50-60 Router\n - JF285A HP MSR50-40 DC Router\n - JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n + **MSR 50-G2 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JD429A HP MSR50 G2 Processor Module\n - JD429B HP MSR50 G2 Processor Module\n + **MSR 9XX (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JF812A HP MSR900 Router\n - JF813A HP MSR920 Router\n - JF814A HP MSR900-W Router\n - JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr\n - JG207A HP MSR900-W Router (NA)\n - JG208A HP MSR920-W Router (NA)\n + **MSR 93X (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JG511A HP MSR930 Router\n - JG511B HP MSR930 Router\n - JG512A HP MSR930 Wireless Router\n - JG513A HP MSR930 3G Router\n - JG513B HP MSR930 3G Router\n - JG514A HP MSR931 Router\n - JG514B HP MSR931 Router\n - JG515A HP MSR931 3G Router\n - JG516A HP MSR933 Router\n - JG517A HP MSR933 3G Router\n - JG518A HP MSR935 Router\n - JG518B HP MSR935 Router\n - JG519A HP MSR935 Wireless Router\n - JG520A HP MSR935 3G Router\n - JG531A HP MSR931 Dual 3G Router\n - JG531B HP MSR931 Dual 3G Router\n - JG596A HP MSR930 4G LTE/3G CDMA Router\n - JG597A HP MSR936 Wireless Router\n - JG665A HP MSR930 4G LTE/3G WCDMA Global Router\n - JG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n - JH009A HP MSR931 Serial (TI) Router\n - JH010A HP MSR933 G.SHDSL (TI) Router\n - JH011A HP MSR935 ADSL2+ (TI) Router\n - JH012A HP MSR930 Wireless 802.11n (NA) Router\n - JH012B HP MSR930 Wireless 802.11n (NA) Router\n - JH013A HP MSR935 Wireless 802.11n (NA) Router\n + **MSR1000 (Comware 5) - Version: R2514P10**\n * HP Network Products\n - JG732A HP MSR1003-8 AC Router\n + **12500 (Comware 5) - Version: R1829P01**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JC808A HP 12500 TAA Main Processing Unit\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n + **9500E (Comware 5) - Version: R1829P01**\n * HP Network Products\n - JC124A HP A9508 Switch Chassis\n - JC124B HP 9505 Switch Chassis\n - JC125A HP A9512 Switch Chassis\n - JC125B HP 9512 Switch Chassis\n - JC474A HP A9508-V Switch Chassis\n - JC474B HP 9508-V Switch Chassis\n + **10500 (Comware 5) - Version: R1210P01**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC614A HP 10500 Main Processing Unit\n - JC748A HP 10512 Switch Chassis\n - JG375A HP 10500 TAA-compliant Main Processing Unit\n - JG820A HP 10504 TAA-compliant Switch Chassis\n - JG821A HP 10508 TAA-compliant Switch Chassis\n - JG822A HP 10508-V TAA-compliant Switch Chassis\n - JG823A HP 10512 TAA-compliant Switch Chassis\n + **7500 (Comware 5) - Version: R6710P01**\n * HP Network Products\n - JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port\nGig-T/4-port GbE Combo\n - JC697A HP 7502 TAA-compliant Main Processing Unit\n - JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8\nGbE Combo Ports\n - JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP\nPorts\n - JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit\n - JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit\n - JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD194A HP 7500 384Gbps Fabric Module\n - JD194B HP 7500 384Gbps Fabric Module\n - JD195A HP 7500 384Gbps Advanced Fabric Module\n - JD196A HP 7502 Fabric Module\n - JD220A HP 7500 768Gbps Fabric Module\n - JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports\n - JD238A HP 7510 Switch Chassis\n - JD238B HP 7510 Switch Chassis\n - JD239A HP 7506 Switch Chassis\n - JD239B HP 7506 Switch Chassis\n - JD240A HP 7503 Switch Chassis\n - JD240B HP 7503 Switch Chassis\n - JD241A HP 7506-V Switch Chassis\n - JD241B HP 7506-V Switch Chassis\n - JD242A HP 7502 Switch Chassis\n - JD242B HP 7502 Switch Chassis\n - JD243A HP 7503-S Switch Chassis with 1 Fabric Slot\n - JD243B HP 7503-S Switch Chassis with 1 Fabric Slot\n - JE164A HP E7902 Switch Chassis\n - JE165A HP E7903 Switch Chassis\n - JE166A HP E7903 1 Fabric Slot Switch Chassis\n - JE167A HP E7906 Switch Chassis\n - JE168A HP E7906 Vertical Switch Chassis\n - JE169A HP E7910 Switch Chassis\n + **5830 (Comware 5) - Version: R1118P13**\n * HP Network Products\n - JC691A HP 5830AF-48G Switch with 1 Interface Slot\n - JC694A HP 5830AF-96G Switch\n - JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot\n - JG374A HP 5830AF-96G TAA-compliant Switch\n + **5800 (Comware 5) - Version: R1809P11**\n * HP Network Products\n - JC099A HP 5800-24G-PoE Switch\n - JC099B HP 5800-24G-PoE+ Switch\n - JC100A HP 5800-24G Switch\n - JC100B HP 5800-24G Switch\n - JC101A HP 5800-48G Switch with 2 Slots\n - JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots\n - JC103A HP 5800-24G-SFP Switch\n - JC103B HP 5800-24G-SFP Switch with 1 Interface Slot\n - JC104A HP 5800-48G-PoE Switch\n - JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot\n - JC105A HP 5800-48G Switch\n - JC105B HP 5800-48G Switch with 1 Interface Slot\n - JG254A HP 5800-24G-PoE+ TAA-compliant Switch\n - JG254B HP 5800-24G-PoE+ TAA-compliant Switch\n - JG255A HP 5800-24G TAA-compliant Switch\n - JG255B HP 5800-24G TAA-compliant Switch\n - JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG225A HP 5800AF-48G Switch\n - JG225B HP 5800AF-48G Switch\n - JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots\n - JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface\n - JG243A HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG243B HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\n\u0026 1 OAA Slot\n - JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\nand 1 OAA Slot\n - JC106A HP 5820-14XG-SFP+ Switch with 2 Slots\n - JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots \u0026 1 OAA Slot\n - JG219A HP 5820AF-24XG Switch\n - JG219B HP 5820AF-24XG Switch\n - JC102A HP 5820-24XG-SFP+ Switch\n - JC102B HP 5820-24XG-SFP+ Switch\n + **5500 HI (Comware 5) - Version: R5501P17**\n * HP Network Products\n - JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots\n - JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots\n - JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots\n - JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots\n + **5500 EI (Comware 5) - Version: R2221P19**\n * HP Network Products\n - JD373A HP 5500-24G DC EI Switch\n - JD374A HP 5500-24G-SFP EI Switch\n - JD375A HP 5500-48G EI Switch\n - JD376A HP 5500-48G-PoE EI Switch\n - JD377A HP 5500-24G EI Switch\n - JD378A HP 5500-24G-PoE EI Switch\n - JD379A HP 5500-24G-SFP DC EI Switch\n - JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots\n - JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots\n - JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface\n - JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n - JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n + **4800G (Comware 5) - Version: R2221P19**\n * HP Network Products\n - JD007A HP 4800-24G Switch\n - JD008A HP 4800-24G-PoE Switch\n - JD009A HP 4800-24G-SFP Switch\n - JD010A HP 4800-48G Switch\n - JD011A HP 4800-48G-PoE Switch\n + **5500SI (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JD369A HP 5500-24G SI Switch\n - JD370A HP 5500-48G SI Switch\n - JD371A HP 5500-24G-PoE SI Switch\n - JD372A HP 5500-48G-PoE SI Switch\n - JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots\n - JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots\n + **4500G (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JF428A HP 4510-48G Switch\n - JF847A HP 4510-24G Switch\n + **5120 EI (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JE066A HP 5120-24G EI Switch\n - JE067A HP 5120-48G EI Switch\n - JE068A HP 5120-24G EI Switch with 2 Interface Slots\n - JE069A HP 5120-48G EI Switch with 2 Interface Slots\n - JE070A HP 5120-24G-PoE EI 2-slot Switch\n - JE071A HP 5120-48G-PoE EI 2-slot Switch\n - JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots\n - JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots\n - JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots\n - JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots\n + **4210G (Comware 5) - Version: R2221P20**\n * HP Network Products\n - JF844A HP 4210-24G Switch\n - JF845A HP 4210-48G Switch\n - JF846A HP 4210-24G-PoE Switch\n + **5120 SI (Comware 5) - Version: R1516**\n * HP Network Products\n - JE072A HP 5120-48G SI Switch\n - JE072B HPE 5120 48G SI Switch\n - JE073A HP 5120-16G SI Switch\n - JE073B HPE 5120 16G SI Switch\n - JE074A HP 5120-24G SI Switch\n - JE074B HPE 5120 24G SI Switch\n - JG091A HP 5120-24G-PoE+ (370W) SI Switch\n - JG091B HPE 5120 24G PoE+ (370W) SI Switch\n - JG092A HP 5120-24G-PoE+ (170W) SI Switch\n - JG309B HPE 5120 8G PoE+ (180W) SI Switch\n - JG310B HPE 5120 8G PoE+ (65W) SI Switch\n + **3610 (Comware 5) - Version: R5319P14**\n * HP Network Products\n - JD335A HP 3610-48 Switch\n - JD336A HP 3610-24-4G-SFP Switch\n - JD337A HP 3610-24-2G-2G-SFP Switch\n - JD338A HP 3610-24-SFP Switch\n + **3600V2 (Comware 5) - Version: R2110P06**\n * HP Network Products\n - JG299A HP 3600-24 v2 EI Switch\n - JG299B HP 3600-24 v2 EI Switch\n - JG300A HP 3600-48 v2 EI Switch\n - JG300B HP 3600-48 v2 EI Switch\n - JG301A HP 3600-24-PoE+ v2 EI Switch\n - JG301B HP 3600-24-PoE+ v2 EI Switch\n - JG301C HP 3600-24-PoE+ v2 EI Switch\n - JG302A HP 3600-48-PoE+ v2 EI Switch\n - JG302B HP 3600-48-PoE+ v2 EI Switch\n - JG302C HP 3600-48-PoE+ v2 EI Switch\n - JG303A HP 3600-24-SFP v2 EI Switch\n - JG303B HP 3600-24-SFP v2 EI Switch\n - JG304A HP 3600-24 v2 SI Switch\n - JG304B HP 3600-24 v2 SI Switch\n - JG305A HP 3600-48 v2 SI Switch\n - JG305B HP 3600-48 v2 SI Switch\n - JG306A HP 3600-24-PoE+ v2 SI Switch\n - JG306B HP 3600-24-PoE+ v2 SI Switch\n - JG306C HP 3600-24-PoE+ v2 SI Switch\n - JG307A HP 3600-48-PoE+ v2 SI Switch\n - JG307B HP 3600-48-PoE+ v2 SI Switch\n - JG307C HP 3600-48-PoE+ v2 SI Switch\n + **3100V2-48 (Comware 5) - Version: R2110P06**\n * HP Network Products\n - JG315A HP 3100-48 v2 Switch\n - JG315B HP 3100-48 v2 Switch\n + **HP870 (Comware 5) - Version: R2607P46**\n * HP Network Products\n - JG723A HP 870 Unified Wired-WLAN Appliance\n - JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance\n + **HP850 (Comware 5) - Version: R2607P46**\n * HP Network Products\n - JG722A HP 850 Unified Wired-WLAN Appliance\n - JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance\n + **HP830 (Comware 5) - Version: R3507P46**\n * HP Network Products\n - JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch\n - JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch\n - JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch\n - JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant\n + **HP6000 (Comware 5) - Version: R2507P46**\n * HP Network Products\n - JG639A HP 10500/7500 20G Unified Wired-WLAN Module\n - JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module\n + **WX5004-EI (Comware 5) - Version: R2507P46**\n * HP Network Products\n - JD447B HP WX5002 Access Controller\n - JD448A HP WX5004 Access Controller\n - JD448B HP WX5004 Access Controller\n - JD469A HP WX5004 Access Controller\n + **SecBlade FW (Comware 5) - Version: R3181P07**\n * HP Network Products\n - JC635A HP 12500 VPN Firewall Module\n - JD245A HP 9500 VPN Firewall Module\n - JD249A HP 10500/7500 Advanced VPN Firewall Module\n - JD250A HP 6600 Firewall Processing Router Module\n - JD251A HP 8800 Firewall Processing Module\n - JD255A HP 5820 VPN Firewall Module\n + **F1000-E (Comware 5) - Version: R3181P07**\n * HP Network Products\n - JD272A HP F1000-E VPN Firewall Appliance\n + **F1000-A-EI (Comware 5) - Version: R3734P08**\n * HP Network Products\n - JG214A HP F1000-A-EI VPN Firewall Appliance\n + **F1000-S-EI (Comware 5) - Version: R3734P08**\n * HP Network Products\n - JG213A HP F1000-S-EI VPN Firewall Appliance\n + **F5000-A (Comware 5) - Version: F3210P26**\n * HP Network Products\n - JD259A HP A5000-A5 VPN Firewall Chassis\n - JG215A HP F5000 Firewall Main Processing Unit\n - JG216A HP F5000 Firewall Standalone Chassis\n + **U200S and CS (Comware 5) - Version: F5123P33**\n * HP Network Products\n - JD273A HP U200-S UTM Appliance\n + **U200A and M (Comware 5) - Version: F5123P33**\n * HP Network Products\n - JD275A HP U200-A UTM Appliance\n + **F5000-C/S (Comware 5) - Version: R3811P05**\n * HP Network Products\n - JG650A HP F5000-C VPN Firewall Appliance\n - JG370A HP F5000-S VPN Firewall Appliance\n + **SecBlade III (Comware 5) - Version: R3820P06**\n * HP Network Products\n - JG371A HP 12500 20Gbps VPN Firewall Module\n - JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module\n + **6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n + **6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC165A) HP 6600 RPE-X1 Router Module\n - JG781A) HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n + **6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC176A) HP 6602 Router Chassis\n + **HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n + **HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P23-RU**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n + **SMB1910 (Comware 5) - Version: R1111**\n * HP Network Products\n - JG540A HP 1910-48 Switch\n - JG539A HP 1910-24-PoE+ Switch\n - JG538A HP 1910-24 Switch\n - JG537A HP 1910-8 -PoE+ Switch\n - JG536A HP 1910-8 Switch\n + **SMB1920 (Comware 5) - Version: R1109**\n * HP Network Products\n - JG928A HP 1920-48G-PoE+ (370W) Switch\n - JG927A HP 1920-48G Switch\n - JG926A HP 1920-24G-PoE+ (370W) Switch\n - JG925A HP 1920-24G-PoE+ (180W) Switch\n - JG924A HP 1920-24G Switch\n - JG923A HP 1920-16G Switch\n - JG922A HP 1920-8G-PoE+ (180W) Switch\n - JG921A HP 1920-8G-PoE+ (65W) Switch\n - JG920A HP 1920-8G Switch\n + **V1910 (Comware 5) - Version: R1516**\n * HP Network Products\n - JE005A HP 1910-16G Switch\n - JE006A HP 1910-24G Switch\n - JE007A HP 1910-24G-PoE (365W) Switch\n - JE008A HP 1910-24G-PoE(170W) Switch\n - JE009A HP 1910-48G Switch\n - JG348A HP 1910-8G Switch\n - JG349A HP 1910-8G-PoE+ (65W) Switch\n - JG350A HP 1910-8G-PoE+ (180W) Switch\n + **SMB 1620 (Comware 5) - Version: R1108**\n * HP Network Products\n - JG914A HP 1620-48G Switch\n - JG913A HP 1620-24G Switch\n - JG912A HP 1620-8G Switch\n\n**COMWARE 7 Products**\n\n + **12500 (Comware 7) - Version: R7376**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n + **10500 (Comware 7) - Version: R7170**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n + **12900 (Comware 7) - Version: R1138P01**\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n + **5900 (Comware 7) - Version: R2422P01**\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n + **MSR1000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n + **MSR2000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n + **MSR3000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n + **MSR4000 (Comware 7) - Version: R0305P04**\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n + **VSR (Comware 7) - Version: E0321P01**\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n + **7900 (Comware 7) - Version: R2138P01**\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n + **5130 (Comware 7) - Version: R3109P16**\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n + **5700 (Comware 7) - Version: R2422P01**\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n + **5930 (Comware 7) - Version: R2422P01**\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n + **HSR6600 (Comware 7) - Version: R7103P05**\n * HP Network Products\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n + **HSR6800 (Comware 7) - Version: R7103P05**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing\n - JH075A HP HSR6800 RSE-X3 Router Main Processing Unit\n + **1950 (Comware 7) - Version: R3109P16**\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n + **7500 (Comware 7) - Version: R7170**\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n\n**iMC Products**\n\n + **iMC Plat - Version: iMC Plat 7.1 E0303P16**\n * HP Network Products\n - JD125A HP IMC Std S/W Platform w/100-node\n - JD126A HP IMC Ent S/W Platform w/100-node\n - JD808A HP IMC Ent Platform w/100-node License\n - JD814A HP A-IMC Enterprise Edition Software DVD Media\n - JD815A HP IMC Std Platform w/100-node License\n - JD816A HP A-IMC Standard Edition Software DVD Media\n - JF288AAE HP Network Director to Intelligent Management Center\nUpgrade E-LTU\n - JF289AAE HP Enterprise Management System to Intelligent Management\nCenter Upgrade E-LTU\n - JF377A HP IMC Std S/W Platform w/100-node Lic\n - JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU\n - JF378A HP IMC Ent S/W Platform w/200-node Lic\n - JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU\n - JG546AAE HP IMC Basic SW Platform w/50-node E-LTU\n - JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\n - JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU\n - JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU\n - JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU\n - JG659AAE HP IMC Smart Connect VAE E-LTU\n - JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU\n - JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU\n - JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU\n - JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU\n - JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU\n - JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU\n + **iMC iNode - Version: iNode PC 7.1 E0313, or, iNode PC 7.2 (E0401)**\n * HP Network Products\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n + **iMC TAM_UAM - Version: iMC UAM_TAM 7.1 (E0307)**\n * HP Network Products\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n + **iMC NSM - Version: iMC WSM 7.1 E0303P10**\n * HP Network Products\n - JD456A HP IMC WSM Software Module with 50-Access Point License\n - JF414A HP IMC Wireless Service Manager Software Module with 50-Access\nPoint License\n - JF414AAE HP IMC Wireless Service Manager Software Module with\n50-Access Point E-LTU\n - JG551AAE HP PCM+ Mobility Manager to IMC Wireless Service Manager\nModule Upgrade with 250 Access Point E-LTU\n - JG758AAE HP IMC WSM/RTLS w/ 50-node E-LTU\n - JG769AAE HP PCM Mobility Manager to IMC Wireless Service Manager Upg\nwith 250-node E-LTU\n\n**VCX Products**\n\n + **VCX - Version: 9.8.18**\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n\nHISTORY\nVersion:1 (rev.1) - 5 July 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1p\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1793\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1793\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201507-15\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. The vulnerability could be exploited to allow remote\nauthentication bypass. \n\nNote: HP C.A. contains a version of Node.js, that when used in FIPS mode is\naffected by Alternative Chains Certificate Forgery Vulnerability\n(CVE-2015-1793). The patch\nis available from HP Software Support Online portal (HP SSO). \n\nNote: This patch includes Node.js for FIPS mode that includes the newer\nversion of OpenSSL (1.0.2d) which addresses the vulnerability. The bulletin does not apply to any other 3rd party application\n(e.g. operating system, web server, or application server) that may be\nrequired to be installed by the customer according instructions in the\nproduct install guide. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-15:12.openssl Security Advisory\n The FreeBSD Project\n\nTopic: OpenSSL alternate chains certificate forgery vulnerability\n\nCategory: contrib\nModule: openssl\nAnnounced: 2015-07-09\nCredits: Adam Langley/David Benjamin (Google/BoringSSL), OpenSSL\nAffects: FreeBSD 10.1-STABLE after 2015-06-11 and prior to the\n correction date. \nCorrected: 2015-07-09 17:17:22 UTC (stable/10, 10.2-PRERELEASE,\n 10.2-BETA1)\nCVE Name: CVE-2015-1793\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. \n\nAn error in the implementation of this logic could erroneously mark\ncertificate as trusted when they should not. \n\nIII. \n\nIV. Workaround\n\nNo workaround is available. \n\nNOTE WELL: This issue does not affect earlier FreeBSD releases, including the\nsupported 8.4, 9.3 and 10.1-RELEASE because the alternative certificate chain\nfeature was not introduced in these releases. Only 10.1-STABLE after\n2015-06-11 and prior to the correction date is affected. \n\nV. Solution\n\nUpgrade your vulnerable system to the latest supported FreeBSD stable/10\nbranch dated after the correction date. \n\nRecompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/10/ r285330\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. \n\nThis issue will impact any application that verifies certificates including\nSSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication. \n\nOpenSSL 1.0.2b/1.0.2c users should upgrade to 1.0.2d\nOpenSSL 1.0.1n/1.0.1o users should upgrade to 1.0.1p\n\nThis issue was reported to OpenSSL on 24th June 2015 by Adam Langley/David\nBenjamin (Google/BoringSSL). The fix was developed by the BoringSSL project. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150709.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1793"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"db": "BID",
"id": "75652"
},
{
"db": "VULHUB",
"id": "VHN-79754"
},
{
"db": "VULHUB",
"id": "VHN-81961"
},
{
"db": "VULMON",
"id": "CVE-2015-1793"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132642"
},
{
"db": "PACKETSTORM",
"id": "133793"
},
{
"db": "PACKETSTORM",
"id": "132646"
},
{
"db": "PACKETSTORM",
"id": "132625"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-79754",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-81961",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=38640",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-79754"
},
{
"db": "VULHUB",
"id": "VHN-81961"
},
{
"db": "VULMON",
"id": "CVE-2015-1793"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-1793",
"trust": 3.6
},
{
"db": "JUNIPER",
"id": "JSA10694",
"trust": 1.5
},
{
"db": "BID",
"id": "75652",
"trust": 1.5
},
{
"db": "BID",
"id": "91787",
"trust": 1.3
},
{
"db": "EXPLOIT-DB",
"id": "38640",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1032817",
"trust": 1.2
},
{
"db": "MCAFEE",
"id": "SB10125",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU99160787",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003487",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201507-298",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "132625",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "133793",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132642",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132646",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132843",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134250",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132634",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-79754",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032864",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033341",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032777",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032727",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032871",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032475",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032783",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032653",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032702",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033222",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032865",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033065",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033208",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033019",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033991",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032759",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1040630",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032910",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033067",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032637",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033064",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032654",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032656",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1034087",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032932",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033385",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032652",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032688",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032699",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032649",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032960",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032647",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032474",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033210",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032778",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033416",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033891",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032884",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032651",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033760",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033433",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032476",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032784",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1036218",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032856",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033430",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1034884",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032655",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032650",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032648",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033513",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1033209",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1032645",
"trust": 0.1
},
{
"db": "SECTRACK",
"id": "1034728",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132413",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132649",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132586",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132164",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132610",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136247",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137744",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132439",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139002",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135510",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132465",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133338",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132468",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134232",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134902",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136975",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134755",
"trust": 0.1
},
{
"db": "JUNIPER",
"id": "JSA10681",
"trust": 0.1
},
{
"db": "JUNIPER",
"id": "JSA10727",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201505-428",
"trust": 0.1
},
{
"db": "BID",
"id": "74733",
"trust": 0.1
},
{
"db": "MCAFEE",
"id": "SB10122",
"trust": 0.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/05/20/8",
"trust": 0.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-81961",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-1793",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137772",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-79754"
},
{
"db": "VULHUB",
"id": "VHN-81961"
},
{
"db": "VULMON",
"id": "CVE-2015-1793"
},
{
"db": "BID",
"id": "75652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132642"
},
{
"db": "PACKETSTORM",
"id": "133793"
},
{
"db": "PACKETSTORM",
"id": "132646"
},
{
"db": "PACKETSTORM",
"id": "132625"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-298"
},
{
"db": "NVD",
"id": "CVE-2015-1793"
}
]
},
"id": "VAR-201507-0348",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-79754"
},
{
"db": "VULHUB",
"id": "VHN-81961"
}
],
"trust": 0.74851742
},
"last_update_date": "2024-07-23T19:37:42.535000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20150710-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150710-openssl"
},
{
"title": "Fix alternate chains certificate forgery issue",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=9a0db453ba017ebcaccbee933ee6511a9ae4d1c8"
},
{
"title": "Add test for CVE-2015-1793",
"trust": 0.8,
"url": "https://github.com/openssl/openssl/commit/f404943bcab4898d18f3ac1b36479d1d7bbbb9e6"
},
{
"title": "HPSBUX03388",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143880121627664\u0026amp;w=2"
},
{
"title": "HPSBGN03424",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026m=144370846326989\u0026w=2"
},
{
"title": "HPSBHF03613",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05184351"
},
{
"title": "HPSBMU03546",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"title": "NV15-010",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-010.html"
},
{
"title": "OpenSSL Security Advisory [9 Jul 2015]",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv_20150709.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html"
},
{
"title": "Oracle Critical Patch Update CVSS V2 Risk Matrices - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - April 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016verbose-2881709.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016verbose-2881725.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"title": "January 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2016_critical_patch_update"
},
{
"title": "October 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2015_critical_patch_update"
},
{
"title": "April 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2016_critical_patch_update"
},
{
"title": "October 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2016_critical_patch_update"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "http://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "JSA10694",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"title": "cisco-sa-20150710-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/113/1130/1130208_cisco-sa-20150710-openssl-j.html"
},
{
"title": "openssl-1.0.2d",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=56655"
},
{
"title": "openssl-1.0.1p",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=56654"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/07/06/hpe_rushes_out_patch_for_more_than_a_year_of_openssl_vulns/"
},
{
"title": "Amazon Linux AMI: ALAS-2015-564",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2015-564"
},
{
"title": "Red Hat: CVE-2015-1793",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-1793"
},
{
"title": "Symantec Security Advisories: SA101 : OpenSSL Security Advisory 09-July-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=bb24cf23a4d911e95562099e0e8d0f2d"
},
{
"title": "Tenable Security Advisories: [R5] OpenSSL \u002720150709\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2015-08"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-4000 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-1788 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1793"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-298"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-254",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-79754"
},
{
"db": "VULHUB",
"id": "VHN-81961"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"db": "NVD",
"id": "CVE-2015-1793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://openssl.org/news/secadv_20150709.txt"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.5,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150710-openssl"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/75652"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.3,
"url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.3,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.3,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.3,
"url": "https://www.exploit-db.com/exploits/38640/"
},
{
"trust": 1.3,
"url": "https://security.gentoo.org/glsa/201507-15"
},
{
"trust": 1.3,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2015-008.txt.asc"
},
{
"trust": 1.2,
"url": "http://www.fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery"
},
{
"trust": 1.2,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.2,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454058.htm"
},
{
"trust": 1.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04822825"
},
{
"trust": 1.2,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05184351"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-july/161747.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-july/161782.html"
},
{
"trust": 1.2,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-15:12.openssl.asc"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032817"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144370846326989\u0026w=2"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10125"
},
{
"trust": 1.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2015\u0026m=slackware-security.561427"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=9a0db453ba017ebcaccbee933ee6511a9ae4d1c8"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1793"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99160787/index.html"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1793"
},
{
"trust": 0.8,
"url": "https://cryptanalysis.eu/blog/2015/07/09/bypassing-certificate-checks-in-openssl-1-0-2c-cve-2015-1793/"
},
{
"trust": 0.7,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=9a0db453ba017ebcaccbee933ee6511a9ae4d1c8"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1793"
},
{
"trust": 0.4,
"url": "https://www.openssl.org/news/secadv_20150709.txt"
},
{
"trust": 0.3,
"url": "https://mta.openssl.org/pipermail/openssl-announce/2015-july/000037.html"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://support.asperasoft.com/entries/94843988-security-bulletin-openssl-,-tls-vulnerabilities-logjam-cve-2015-4000"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/13"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04822825"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05184351"
},
{
"trust": 0.3,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-454058.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962519"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964231"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21965399"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961179"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962398"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962929"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963448"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html#2015-1793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963498"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966481"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966484"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965725"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965807"
},
{
"trust": 0.2,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143880121627664\u0026amp;w=2"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10694"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10125"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144370846326989\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2015\u0026amp;m=slackware-security.561427"
},
{
"trust": 0.1,
"url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00001.html"
},
{
"trust": 0.1,
"url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/bid/74733"
},
{
"trust": 0.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 0.1,
"url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04876402"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04949778"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10681"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10727"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht204941"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht204942"
},
{
"trust": 0.1,
"url": "http://support.citrix.com/article/ctx201114"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455"
},
{
"trust": 0.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739"
},
{
"trust": 0.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984"
},
{
"trust": 0.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132"
},
{
"trust": 0.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"trust": 0.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"trust": 0.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380"
},
{
"trust": 0.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418"
},
{
"trust": 0.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816"
},
{
"trust": 0.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 0.1,
"url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/releasenotes/releasenotes.htm"
},
{
"trust": 0.1,
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"trust": 0.1,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554"
},
{
"trust": 0.1,
"url": "https://developer.mozilla.org/en-us/docs/mozilla/projects/nss/nss_3.19.1_release_notes"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04770140"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04772190"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04773119"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04773241"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04832246"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04918839"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04923929"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04926789"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04740527"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04953655"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05128722"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05193083"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10122"
},
{
"trust": 0.1,
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"trust": 0.1,
"url": "https://puppet.com/security/cve/cve-2015-4000"
},
{
"trust": 0.1,
"url": "https://security.netapp.com/advisory/ntap-20150619-0001/"
},
{
"trust": 0.1,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03831en_us"
},
{
"trust": 0.1,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745"
},
{
"trust": 0.1,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098403"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"trust": 0.1,
"url": "https://www.suse.com/security/cve/cve-2015-4000.html"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/2015/dsa-3300"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/2015/dsa-3324"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"trust": 0.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/159351.html"
},
{
"trust": 0.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/159314.html"
},
{
"trust": 0.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160117.html"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143557934009303\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143628304012255\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143558092609708\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143655800220052\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144060576831314\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144069189622016\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144050121701297\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144060606031437\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144102017024820\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144061542602287\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=145409266329539\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144043644216842\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143506486712441\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144104533800819\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143637549705650\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144493176821532\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04718196"
},
{
"trust": 0.1,
"url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/"
},
{
"trust": 0.1,
"url": "https://weakdh.org/"
},
{
"trust": 0.1,
"url": "https://weakdh.org/imperfect-forward-secrecy.pdf"
},
{
"trust": 0.1,
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"trust": 0.1,
"url": "http://openwall.com/lists/oss-security/2015/05/20/8"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1072.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1185.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1197.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1228.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1229.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1230.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1241.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1242.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1243.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1485.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1486.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1488.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1526.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1544.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1604.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1624.html"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2056.html"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032474"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032475"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032476"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032637"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032645"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032647"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032648"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032649"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032650"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032651"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032652"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032653"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032654"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032655"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032656"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032688"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032699"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032702"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032727"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032759"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032777"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032778"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032783"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032784"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032856"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032864"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032865"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032871"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032884"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032910"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032932"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1032960"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033019"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033064"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033065"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033067"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033208"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033209"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033210"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033222"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033341"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033385"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033416"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033430"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033433"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033513"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033760"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033891"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1033991"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1034087"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1034728"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1034884"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1036218"
},
{
"trust": 0.1,
"url": "http://www.securitytracker.com/id/1040630"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2656-1"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2656-2"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2673-1"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2696-1"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2706-1"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/254.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-4000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/auxiliary/server/openssl_altchainsforgery_mitm_proxy"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=44733"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?doci"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1793"
},
{
"trust": 0.1,
"url": "https://software"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20150709.txt\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:12.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1793\u003e"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-79754"
},
{
"db": "VULHUB",
"id": "VHN-81961"
},
{
"db": "VULMON",
"id": "CVE-2015-1793"
},
{
"db": "BID",
"id": "75652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132642"
},
{
"db": "PACKETSTORM",
"id": "133793"
},
{
"db": "PACKETSTORM",
"id": "132646"
},
{
"db": "PACKETSTORM",
"id": "132625"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-298"
},
{
"db": "NVD",
"id": "CVE-2015-1793"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-79754"
},
{
"db": "VULHUB",
"id": "VHN-81961"
},
{
"db": "VULMON",
"id": "CVE-2015-1793"
},
{
"db": "BID",
"id": "75652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "137772"
},
{
"db": "PACKETSTORM",
"id": "132642"
},
{
"db": "PACKETSTORM",
"id": "133793"
},
{
"db": "PACKETSTORM",
"id": "132646"
},
{
"db": "PACKETSTORM",
"id": "132625"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-298"
},
{
"db": "NVD",
"id": "CVE-2015-1793"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-09T00:00:00",
"db": "VULHUB",
"id": "VHN-79754"
},
{
"date": "2015-05-21T00:00:00",
"db": "VULHUB",
"id": "VHN-81961"
},
{
"date": "2015-07-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1793"
},
{
"date": "2015-07-09T00:00:00",
"db": "BID",
"id": "75652"
},
{
"date": "2015-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"date": "2015-08-06T10:10:00",
"db": "PACKETSTORM",
"id": "132973"
},
{
"date": "2016-07-05T18:18:00",
"db": "PACKETSTORM",
"id": "137772"
},
{
"date": "2015-07-10T15:43:49",
"db": "PACKETSTORM",
"id": "132642"
},
{
"date": "2015-10-01T15:52:56",
"db": "PACKETSTORM",
"id": "133793"
},
{
"date": "2015-07-10T15:53:18",
"db": "PACKETSTORM",
"id": "132646"
},
{
"date": "2015-07-09T23:03:33",
"db": "PACKETSTORM",
"id": "132625"
},
{
"date": "2015-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-298"
},
{
"date": "2015-07-09T19:17:00.093000",
"db": "NVD",
"id": "CVE-2015-1793"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-79754"
},
{
"date": "2023-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-81961"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1793"
},
{
"date": "2016-10-26T05:10:00",
"db": "BID",
"id": "75652"
},
{
"date": "2016-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003487"
},
{
"date": "2015-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-298"
},
{
"date": "2023-11-07T02:24:55.670000",
"db": "NVD",
"id": "CVE-2015-1793"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "133793"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-298"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Vulnerabilities in certificate chain validation failure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003487"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "75652"
}
],
"trust": 0.3
}
}
VAR-201507-0037
Vulnerability from variot - Updated: 2024-07-22 21:39named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service.
Release Date: 2015-08-18 Last Updated: 2015-08-18
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS).
References:
CVE-2015-5477 CVE-2014-8500 SSRT102211
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11 running BIND 9.3.2 prior to C.9.3.2.14.0 HP-UX B.11.23 running BIND 9.3.2 prior to C.9.3.2.14.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-5477 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2014-8500 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided updated versions of the BIND service to resolve this vulnerability.
BIND 9.3.2 for HP-UX Release Depot Name Download location
B.11.11 (PA and IA) HP_UX_11.11_DNSUPGRADE_C.9.3.2.14.0_HP-UX_B.11.11_32_64.depot https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe r=BIND
BIND 9.3.2 for HP-UX Release Depot Name Download location
B.11.23 (PA and IA) HP_UX_11.23_DNSUPGRADE_C.9.3.2.14.0_HP-UX_B.11.23_IA_PA.depot https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe r=BIND
MANUAL ACTIONS: Yes - Update Download and install the software update
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
BindUpgrade.BIND-UPGRADE action: install revision C.9.3.2.14.0 or subsequent
HP-UX B.11.23
BindUpgrade.BIND-UPGRADE BindUpgrade.BIND2-UPGRADE action: install revision C.9.3.2.14.0 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 18 August 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-15:17.bind Security Advisory The FreeBSD Project
Topic: BIND remote denial of service vulnerability
Category: contrib Module: bind Announced: 2015-07-28 Credits: ISC Affects: FreeBSD 8.x and FreeBSD 9.x. Corrected: 2015-07-28 19:58:54 UTC (stable/9, 9.3-STABLE) 2015-07-28 19:59:22 UTC (releng/9.3, 9.3-RELEASE-p21) 2015-07-28 19:58:54 UTC (stable/8, 8.4-STABLE) 2015-07-28 19:59:22 UTC (releng/8.4, 8.4-RELEASE-p35) CVE Name: CVE-2015-5477
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
II.
III. Impact
A remote attacker can trigger a crash of a name server. Both recursive and authoritative servers are affected, and the exposure can not be mitigated by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling, before checks enforcing those boundaries.
IV. Workaround
No workaround is available, but systems that are not running BIND are not vulnerable.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. A reboot is recommended but not required.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
The named service has to be restarted after the update. A reboot is recommended but not required.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch https://security.FreeBSD.org/patches/SA-15:17/bind.patch
fetch https://security.FreeBSD.org/patches/SA-15:17/bind.patch.asc
gpg --verify bind.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r285977 releng/8.4/ r285980 stable/9/ r285977 releng/9.3/ r285980
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. This issue was addressed by updating BIND to version 9.9.7-P2. CVE-ID CVE-2015-5477
OS X Server v4.1.5 may be obtained from the Mac App Store. VCX prior to 9.8.18 with OpenSSH or ISC BIND.
-
VCX 9.8.18 for the following Products/SKUs:
-
J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
HISTORY Version:1 (rev.1) - 28 January 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Platform Patch Kit Name
Alpha OpenVMS V8.4 QXCM1001434254_4652022589_2015-08-28.BCK
ITANIUM OpenVMS V8.4 QXCM1001434254_4652022589_2015-08-28.BCK
NOTE: Please contact OpenVMS Technical Support to request these patch kits. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bind security update Advisory ID: RHSA-2016:0078-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0078.html Issue date: 2016-01-28 CVE Names: CVE-2014-8500 CVE-2015-5477 CVE-2015-5722 CVE-2015-8000 =====================================================================
- Summary:
Updated bind packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.4 and 6.5 Advanced Update Support.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 6.4) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - i386, ppc64, s390x, x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500)
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2015-5477)
A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query (for example, a query requiring a response from a zone containing a deliberately malformed key) that would cause named functioning as a validating resolver to crash. (CVE-2015-5722)
A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash. (CVE-2015-8000)
Note: This issue affects authoritative servers as well as recursive servers, however authoritative servers are at limited risk if they perform authentication when making recursive queries to resolve addresses for servers listed in NS RRSETs.
Red Hat would like to thank ISC for reporting the CVE-2015-5477, CVE-2015-5722, and CVE-2015-8000 issues. Upstream acknowledges Jonathan Foote as the original reporter of CVE-2015-5477, and Hanno Böck as the original reporter of CVE-2015-5722.
All bind users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1171912 - CVE-2014-8500 bind: delegation handling denial of service 1247361 - CVE-2015-5477 bind: TKEY query handling flaw leading to denial of service 1259087 - CVE-2015-5722 bind: malformed DNSSEC key failed assertion denial of service 1291176 - CVE-2015-8000 bind: responses with a malformed class attribute can trigger an assertion failure in db.c
- Package List:
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.7.src.rpm
i386: bind-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.i686.rpm
ppc64: bind-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm
s390x: bind-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.s390x.rpm
x86_64: bind-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.2.src.rpm
i386: bind-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.i686.rpm
ppc64: bind-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm
s390x: bind-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.s390x.rpm
x86_64: bind-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.7.src.rpm
i386: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.2.src.rpm
i386: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8500 https://access.redhat.com/security/cve/CVE-2015-5477 https://access.redhat.com/security/cve/CVE-2015-5722 https://access.redhat.com/security/cve/CVE-2015-8000 https://access.redhat.com/security/updates/classification/#important https://kb.isc.org/article/AA-01216 https://kb.isc.org/article/AA-01272 https://kb.isc.org/article/AA-01287 https://kb.isc.org/article/AA-01317
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWqhylXlSAg2UNWIIRAqZ/AKCoKFjvPavmvpq8cC3SSEMtpGtycQCfShgo 0jc/9uvkc44V3h5ZDR/fILQ= =90gw -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind < 9.10.2_p4 >= 9.10.2_p4
Description
A vulnerability has been discovered in BIND's named utility leading to a Denial of Service condition.
Impact
A remote attacker may be able to cause Denial of Service condition via specially constructed zone data.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.10.2_p4"
References
[ 1 ] CVE-2015-1349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349 [ 2 ] CVE-2015-4620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620 [ 3 ] CVE-2015-5477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477 [ 4 ] CVE-2015-5722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722 [ 5 ] CVE-2015-5986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201510-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201507-0037",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.2"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.7"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.9.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.10.2"
},
{
"model": "8.4-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"model": "big-ip wom hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "hp-ux b.11.31.06",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "i v4r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "hp-ux c.9.7.3.8.0",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "big-ip webaccelerator hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip gtm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "junos 14.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1"
},
{
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip analytics hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "i v5r2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind b3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "i v5r1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "bind b4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "i v4r1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "junos 14.1x53-d16",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip edge gateway 11.1.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"model": "big-ip asm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "i v5r2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.6"
},
{
"model": "big-ip edge gateway hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "junos 14.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"model": "junos 14.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "bind 9.5.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "i v4r1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip psm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "junos 14.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6"
},
{
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "junos 14.1x53-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "junos os 12.1x47-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip webaccelerator hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "junos 12.3r12",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind 9.5.0a7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.6.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "junos 12.3r4.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "vcx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.8.17"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip analytics hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "junos 15.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "bind 9.5.0a6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "8.4-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"model": "big-ip edge gateway 10.2.3-hf1",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "junos 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.5"
},
{
"model": "smartcloud provisioning for software virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "junos 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "junos 15.2r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d39",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip ltm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "i v5r3",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.1"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos os 15.1x49-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.3r2-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.4"
},
{
"model": "bind 9.4.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "junos 15.1x53-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.1x53-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "junos 12.1x44-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v3r7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "i v4r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "junos 15.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "8.4-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "bind 9.4.3-p5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "big-ip edge gateway 11.0.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip edge gateway hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "junos 15.1x49-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "i v4r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "i v4r2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "junos 14.1x53-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip psm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "big-ip gtm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip apm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1.5"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip psm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip wom hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "junos 12.3x50-d50",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind 9.5.0a3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip asm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "junos 14.1r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-iq cloud hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-ip link controller hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos 12.1x47-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip edge gateway hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "8.4-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "8.4-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip webaccelerator hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "bind 9.5.0b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "netezza host management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8.0"
},
{
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "big-ip wom hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip edge gateway hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "junos 15.1r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip psm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "bind 9.6.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip webaccelerator hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "8.4-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "big-ip wom hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "junos 14.1x53-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip analytics 11.0.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip afm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.5.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "hp-ux b.11.31.08",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip analytics hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "junos 14.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "junos 12.1x44-d45",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip edge gateway hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind 9.5.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip psm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "i v4r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "junos 12.1x46-d45",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "junos 13.3r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 14.1x53-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "junos 13.2r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.8"
},
{
"model": "big-ip edge gateway 11.1.0-hf3",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "junos 13.2x51-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "i v5r1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "bind 9.5.0b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.1"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.1r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r3.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "junos 12.1x44-d20.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind 9.5.0a5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "i v5r2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "i v4r1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "8.4-release-p20",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip wom hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "junos os 12.3x50-d42",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "bind 9.7.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "hp-ux b.11.31.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "junos 12.1x44-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "big-ip link controller hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.1"
},
{
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq adc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "8.4-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip gtm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "big-ip webaccelerator hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.80"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "big-ip link controller 11.1.0-hf3",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "bind 9.4.3b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "junos 15.1f3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.1.0"
},
{
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "8.4-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "i v5r1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "big-ip psm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "junos 13.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d20.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "i v3r7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "big-ip apm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip analytics hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.1x46-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "junos 12.3r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip psm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "bind 9.4.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "junos 13.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind 9.3.5-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "i v3r7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "bind 9.4.3-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip link controller 11.1.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "i v4r2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"model": "junos 13.2x51-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "8.4-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 15.1x49-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos 12.1x44-d24",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "northstar controller application service pack",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.01"
},
{
"model": "i v4r2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "junos 15.1f2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tcp/ip services for openvms bind eco5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.7"
},
{
"model": "junos 14.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.1x53-d18",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "i v4r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "junos 12.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind 9.6.1-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "bind 9.5.0a4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "big-ip psm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip analytics hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.3r10.2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "bind 9.5.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "junos 12.3x48-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "vcx",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9.8.18"
},
{
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "junos 13.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r1.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip gtm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "northstar controller application",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.0"
},
{
"model": "big-ip psm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "junos 14.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "big-ip pem hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "junos 14.1x53-d12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "junos 13.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-ip edge gateway hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"model": "big-ip psm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "8.4-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v4r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "76092"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-807"
},
{
"db": "NVD",
"id": "CVE-2015-5477"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:p1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.9.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:p2:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.10.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5477"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jonathan Foote",
"sources": [
{
"db": "BID",
"id": "76092"
}
],
"trust": 0.3
},
"cve": "CVE-2015-5477",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-5477",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-5477",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201507-807",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-5477",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5477"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-807"
},
{
"db": "NVD",
"id": "CVE-2015-5477"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries. ISC BIND is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause a denial-of-service. \n\nRelease Date: 2015-08-18\nLast Updated: 2015-08-18\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running\nBIND. This vulnerability could be exploited remotely to create a Denial of\nService (DoS). \n\nReferences:\n\nCVE-2015-5477\nCVE-2014-8500\nSSRT102211\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP-UX B.11.11 running BIND 9.3.2 prior to C.9.3.2.14.0\nHP-UX B.11.23 running BIND 9.3.2 prior to C.9.3.2.14.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-5477 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2014-8500 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided updated versions of the BIND service to resolve this\nvulnerability. \n\nBIND 9.3.2 for HP-UX Release\n Depot Name\n Download location\n\nB.11.11 (PA and IA)\n HP_UX_11.11_DNSUPGRADE_C.9.3.2.14.0_HP-UX_B.11.11_32_64.depot\n https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe\nr=BIND\n\nBIND 9.3.2 for HP-UX Release\n Depot Name\n Download location\n\nB.11.23 (PA and IA)\n HP_UX_11.23_DNSUPGRADE_C.9.3.2.14.0_HP-UX_B.11.23_IA_PA.depot\n https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe\nr=BIND\n\nMANUAL ACTIONS: Yes - Update\nDownload and install the software update\n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==================\nBindUpgrade.BIND-UPGRADE\naction: install revision C.9.3.2.14.0 or subsequent\n\nHP-UX B.11.23\n==================\nBindUpgrade.BIND-UPGRADE\nBindUpgrade.BIND2-UPGRADE\naction: install revision C.9.3.2.14.0 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 18 August 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-15:17.bind Security Advisory\n The FreeBSD Project\n\nTopic: BIND remote denial of service vulnerability\n\nCategory: contrib\nModule: bind\nAnnounced: 2015-07-28\nCredits: ISC\nAffects: FreeBSD 8.x and FreeBSD 9.x. \nCorrected: 2015-07-28 19:58:54 UTC (stable/9, 9.3-STABLE)\n 2015-07-28 19:59:22 UTC (releng/9.3, 9.3-RELEASE-p21)\n 2015-07-28 19:58:54 UTC (stable/8, 8.4-STABLE)\n 2015-07-28 19:59:22 UTC (releng/8.4, 8.4-RELEASE-p35)\nCVE Name: CVE-2015-5477\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nII. \n\nIII. Impact\n\nA remote attacker can trigger a crash of a name server. Both recursive and\nauthoritative servers are affected, and the exposure can not be mitigated\nby either ACLs or configuration options limiting or denying service because\nthe exploitable code occurs early in the packet handling, before checks\nenforcing those boundaries. \n\nIV. Workaround\n\nNo workaround is available, but systems that are not running BIND are not\nvulnerable. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. A reboot is\nrecommended but not required. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nThe named service has to be restarted after the update. A reboot is\nrecommended but not required. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch https://security.FreeBSD.org/patches/SA-15:17/bind.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:17/bind.patch.asc\n# gpg --verify bind.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r285977\nreleng/8.4/ r285980\nstable/9/ r285977\nreleng/9.3/ r285980\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. This issue was addressed by updating BIND to version\n9.9.7-P2. \nCVE-ID\nCVE-2015-5477\n\n\nOS X Server v4.1.5 may be obtained from the Mac App Store. \nVCX prior to 9.8.18 with OpenSSH or ISC BIND. \n\n+ VCX 9.8.18 for the following Products/SKUs:\n\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n\nHISTORY\nVersion:1 (rev.1) - 28 January 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\n Platform\n Patch Kit Name\n\n Alpha OpenVMS V8.4\n QXCM1001434254_4652022589_2015-08-28.BCK\n\n ITANIUM OpenVMS V8.4\n QXCM1001434254_4652022589_2015-08-28.BCK\n\n NOTE: Please contact OpenVMS Technical Support to request these patch kits. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bind security update\nAdvisory ID: RHSA-2016:0078-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0078.html\nIssue date: 2016-01-28\nCVE Names: CVE-2014-8500 CVE-2015-5477 CVE-2015-5722 \n CVE-2015-8000 \n=====================================================================\n\n1. Summary:\n\nUpdated bind packages that fix multiple security issues are now available\nfor Red Hat Enterprise Linux 6.4 and 6.5 Advanced Update Support. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - i386, ppc64, s390x, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nA denial of service flaw was found in the way BIND followed DNS\ndelegations. A remote attacker could use a specially crafted zone\ncontaining a large number of referrals which, when looked up and processed,\nwould cause named to use excessive amounts of memory or crash. \n(CVE-2014-8500)\n\nA flaw was found in the way BIND handled requests for TKEY DNS resource\nrecords. A remote attacker could use this flaw to make named (functioning\nas an authoritative DNS server or a DNS resolver) exit unexpectedly with an\nassertion failure via a specially crafted DNS request packet. \n(CVE-2015-5477)\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs. \n\nRed Hat would like to thank ISC for reporting the CVE-2015-5477,\nCVE-2015-5722, and CVE-2015-8000 issues. Upstream acknowledges Jonathan\nFoote as the original reporter of CVE-2015-5477, and Hanno B\u00f6ck as the\noriginal reporter of CVE-2015-5722. \n\nAll bind users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1171912 - CVE-2014-8500 bind: delegation handling denial of service\n1247361 - CVE-2015-5477 bind: TKEY query handling flaw leading to denial of service\n1259087 - CVE-2015-5722 bind: malformed DNSSEC key failed assertion denial of service\n1291176 - CVE-2015-8000 bind: responses with a malformed class attribute can trigger an assertion failure in db.c\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.7.src.rpm\n\ni386:\nbind-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.i686.rpm\n\nppc64:\nbind-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.2.src.rpm\n\ni386:\nbind-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.i686.rpm\n\nppc64:\nbind-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.7.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.2.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8500\nhttps://access.redhat.com/security/cve/CVE-2015-5477\nhttps://access.redhat.com/security/cve/CVE-2015-5722\nhttps://access.redhat.com/security/cve/CVE-2015-8000\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://kb.isc.org/article/AA-01216\nhttps://kb.isc.org/article/AA-01272\nhttps://kb.isc.org/article/AA-01287\nhttps://kb.isc.org/article/AA-01317\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWqhylXlSAg2UNWIIRAqZ/AKCoKFjvPavmvpq8cC3SSEMtpGtycQCfShgo\n0jc/9uvkc44V3h5ZDR/fILQ=\n=90gw\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.10.2_p4 \u003e= 9.10.2_p4 \n\nDescription\n===========\n\nA vulnerability has been discovered in BIND\u0027s named utility leading to\na Denial of Service condition. \n\nImpact\n======\n\nA remote attacker may be able to cause Denial of Service condition via\nspecially constructed zone data. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.10.2_p4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1349\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349\n[ 2 ] CVE-2015-4620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620\n[ 3 ] CVE-2015-5477\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477\n[ 4 ] CVE-2015-5722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722\n[ 5 ] CVE-2015-5986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201510-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5477"
},
{
"db": "BID",
"id": "76092"
},
{
"db": "VULMON",
"id": "CVE-2015-5477"
},
{
"db": "PACKETSTORM",
"id": "133242"
},
{
"db": "PACKETSTORM",
"id": "133231"
},
{
"db": "PACKETSTORM",
"id": "132876"
},
{
"db": "PACKETSTORM",
"id": "133081"
},
{
"db": "PACKETSTORM",
"id": "135505"
},
{
"db": "PACKETSTORM",
"id": "133507"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=37723",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5477"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-5477",
"trust": 2.8
},
{
"db": "ISC",
"id": "AA-01272",
"trust": 1.9
},
{
"db": "JUNIPER",
"id": "JSA10718",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10783",
"trust": 1.4
},
{
"db": "BID",
"id": "76092",
"trust": 1.4
},
{
"db": "EXPLOIT-DB",
"id": "37721",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "37723",
"trust": 1.1
},
{
"db": "ISC",
"id": "AA-01305",
"trust": 1.1
},
{
"db": "ISC",
"id": "AA-01306",
"trust": 1.1
},
{
"db": "ISC",
"id": "AA-01307",
"trust": 1.1
},
{
"db": "ISC",
"id": "AA-01438",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "132926",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10126",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033100",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201507-807",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2015-5477",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133242",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133231",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132876",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133081",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135505",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133507",
"trust": 0.1
},
{
"db": "ISC",
"id": "AA-01317",
"trust": 0.1
},
{
"db": "ISC",
"id": "AA-01216",
"trust": 0.1
},
{
"db": "ISC",
"id": "AA-01287",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135472",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134008",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5477"
},
{
"db": "BID",
"id": "76092"
},
{
"db": "PACKETSTORM",
"id": "133242"
},
{
"db": "PACKETSTORM",
"id": "133231"
},
{
"db": "PACKETSTORM",
"id": "132876"
},
{
"db": "PACKETSTORM",
"id": "133081"
},
{
"db": "PACKETSTORM",
"id": "135505"
},
{
"db": "PACKETSTORM",
"id": "133507"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-807"
},
{
"db": "NVD",
"id": "CVE-2015-5477"
}
]
},
"id": "VAR-201507-0037",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4593499042857143
},
"last_update_date": "2024-07-22T21:39:32.494000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Debian CVElist Bug Report Logs: bind9: CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=72aa555886f251baf2a0e394069c44d4"
},
{
"title": "Debian CVElist Bug Report Logs: bind9: CVE-2016-2848: A packet with malformed options can trigger an assertion failure",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=dd4f6f8da1fe3001ac04ce05d33ac6e0"
},
{
"title": "Debian Security Advisories: DSA-3319-1 bind9 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=c8db294e6981a358dc6389c1d158b657"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2693-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-573",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2015-573"
},
{
"title": "Red Hat: CVE-2015-5477",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-5477"
},
{
"title": "Apple: OS X Server v4.1.5",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=a9a4311d557110737edd921b56ef1a70"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "vaas-cve-2015-5477",
"trust": 0.1,
"url": "https://github.com/hmlio/vaas-cve-2015-5477 "
},
{
"title": "cve-2015-5477",
"trust": 0.1,
"url": "https://github.com/knqyf263/cve-2015-5477 "
},
{
"title": "cve-2015-5477",
"trust": 0.1,
"url": "https://github.com/robertdavidgraham/cve-2015-5477 "
},
{
"title": "ShareDoc_cve-2015-5477",
"trust": 0.1,
"url": "https://github.com/denmilu/sharedoc_cve-2015-5477 "
},
{
"title": "cve-2015-5477",
"trust": 0.1,
"url": "https://github.com/ilanyu/cve-2015-5477 "
},
{
"title": "tkeypoc",
"trust": 0.1,
"url": "https://github.com/elceef/tkeypoc "
},
{
"title": "ShareDoc",
"trust": 0.1,
"url": "https://github.com/jioundai/sharedoc "
},
{
"title": "awesome-c",
"trust": 0.1,
"url": "https://github.com/honeyzhaoaliyun/awesome-c "
},
{
"title": "awesome-c",
"trust": 0.1,
"url": "https://github.com/imcg/awesome-c "
},
{
"title": "CDL",
"trust": 0.1,
"url": "https://github.com/ncsu-dance-research-group/cdl "
},
{
"title": "Classified-Distributed-Learning-for-Detecting-Security-Attacks-in-Containerized-Applications",
"trust": 0.1,
"url": "https://github.com/yuhang-lin/classified-distributed-learning-for-detecting-security-attacks-in-containerized-applications "
},
{
"title": "afl-cve",
"trust": 0.1,
"url": "https://github.com/mrash/afl-cve "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/08/04/bind_bug_exploits_now_in_the_wild/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/07/30/bind_remote_dos_vulnerability/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5477"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-19",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5477"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://kb.isc.org/article/aa-01272"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1513.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0078.html"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201510-01"
},
{
"trust": 1.2,
"url": "https://www.exploit-db.com/exploits/37723/"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3319"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00048.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1515.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1514.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00044.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00045.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00043.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2693-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05095918"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144181171013996\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144294073801304\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144017354030745\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/76092"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0079.html"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10718"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04952480"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html"
},
{
"trust": 1.1,
"url": "https://kb.isc.org/article/aa-01306"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10126"
},
{
"trust": 1.1,
"url": "https://kb.isc.org/article/aa-01305"
},
{
"trust": 1.1,
"url": "https://kb.isc.org/article/aa-01307"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht205032"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04789415"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033100"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/132926/bind-tkey-query-denial-of-service.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-august/163015.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-august/163007.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-august/163006.html"
},
{
"trust": 1.1,
"url": "https://kb.isc.org/article/aa-01438"
},
{
"trust": 1.1,
"url": "https://kb.juniper.net/jsa10783"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/37721/"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20160114-0001/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5477"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2015/q3/233"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10718\u0026actp=rss"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10783\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht205032"
},
{
"trust": 0.3,
"url": "https://kb.netapp.com/support/index?page=content\u0026id=9010056\u0026actp=rss"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/jul/135"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04952480"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04789415"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04769567"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774040"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04800156"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21963712"
},
{
"trust": 0.3,
"url": "https://www.us-cert.gov/ncas/current-activity/2015/09/16/internet-systems-consortium-isc-releases-security-updates-bind"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020890"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966274"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/bind9_advisory8.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964491"
},
{
"trust": 0.3,
"url": "https://support.f5.com/kb/en-us/solutions/public/16000/900/sol16909.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.3,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5722"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-5477"
},
{
"trust": 0.2,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumbe"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8500"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/19.html"
},
{
"trust": 0.1,
"url": "https://github.com/hmlio/vaas-cve-2015-5477"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=40201"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2693-1/"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5477\u003e"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01272\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:17.bind.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:17/bind.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:17/bind.patch"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5600"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-8000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8500"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01216"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01317"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01287"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-5722"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4620"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1349"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5986"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5477"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5986"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1349"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5477"
},
{
"db": "BID",
"id": "76092"
},
{
"db": "PACKETSTORM",
"id": "133242"
},
{
"db": "PACKETSTORM",
"id": "133231"
},
{
"db": "PACKETSTORM",
"id": "132876"
},
{
"db": "PACKETSTORM",
"id": "133081"
},
{
"db": "PACKETSTORM",
"id": "135505"
},
{
"db": "PACKETSTORM",
"id": "133507"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-807"
},
{
"db": "NVD",
"id": "CVE-2015-5477"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2015-5477"
},
{
"db": "BID",
"id": "76092"
},
{
"db": "PACKETSTORM",
"id": "133242"
},
{
"db": "PACKETSTORM",
"id": "133231"
},
{
"db": "PACKETSTORM",
"id": "132876"
},
{
"db": "PACKETSTORM",
"id": "133081"
},
{
"db": "PACKETSTORM",
"id": "135505"
},
{
"db": "PACKETSTORM",
"id": "133507"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-807"
},
{
"db": "NVD",
"id": "CVE-2015-5477"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-29T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5477"
},
{
"date": "2015-07-28T00:00:00",
"db": "BID",
"id": "76092"
},
{
"date": "2015-08-21T17:01:54",
"db": "PACKETSTORM",
"id": "133242"
},
{
"date": "2015-08-21T16:57:58",
"db": "PACKETSTORM",
"id": "133231"
},
{
"date": "2015-07-28T23:02:22",
"db": "PACKETSTORM",
"id": "132876"
},
{
"date": "2015-08-13T22:20:48",
"db": "PACKETSTORM",
"id": "133081"
},
{
"date": "2016-01-29T20:34:00",
"db": "PACKETSTORM",
"id": "135505"
},
{
"date": "2015-09-09T15:44:17",
"db": "PACKETSTORM",
"id": "133507"
},
{
"date": "2016-01-28T17:18:54",
"db": "PACKETSTORM",
"id": "135472"
},
{
"date": "2015-10-18T21:06:41",
"db": "PACKETSTORM",
"id": "134008"
},
{
"date": "2015-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-807"
},
{
"date": "2015-07-29T14:59:05.397000",
"db": "NVD",
"id": "CVE-2015-5477"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-10T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5477"
},
{
"date": "2017-04-18T01:05:00",
"db": "BID",
"id": "76092"
},
{
"date": "2015-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-807"
},
{
"date": "2017-11-10T02:29:02.293000",
"db": "NVD",
"id": "CVE-2015-5477"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "132876"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-807"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISC BIND Denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-807"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "76092"
}
],
"trust": 0.3
}
}
VAR-201505-0233
Vulnerability from variot - Updated: 2024-07-22 21:28The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. OpenSSL is prone to a security-bypass vulnerability because the application fails to properly verify SSL, TLS, and DTLS certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions. This may aid in further attacks. OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n, and 1.0.1o are vulnerable.
Release Date: 2015-08-05 Last Updated: 2015-08-05
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running OpenSSL with SSL/TLS enabled.
This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as Logjam which could be exploited remotely resulting in disclosure of information.
References:
CVE-2015-4000: DHE man-in-the-middle protection (Logjam).
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-4000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1793 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided an updated version of OpenSSL to resolve this vulnerability.
A new B.11.31 depot for OpenSSL_A.01.00.01p is available here:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =OPENSSL11I
MANUAL ACTIONS: Yes - Update
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.31
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.01.00.01p or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 5 August 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. 6) - i386, x86_64
IBM Java SDK and JRE 5.0 will not receive software updates after September 2015. This date is referred to as the End of Service (EOS) date. Customers are advised to migrate to current versions of IBM Java at this time. IBM Java SDK and JRE versions 6 and 7 are available via the Red Hat Enterprise Linux 5 and 6 Supplementary content sets and will continue to receive updates based on IBM's lifecycle policy, linked to in the References section.
Customers can also consider OpenJDK, an open source implementation of the Java SE specification. OpenJDK is available by default on supported hardware architectures. ============================================================================ Ubuntu Security Notice USN-2656-2 July 15, 2015
firefox vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Software Description: - firefox: Mozilla Open Source web browser
Details:
USN-2656-1 fixed vulnerabilities in Firefox for Ubuntu 14.04 LTS and later releases.
This update provides the corresponding update for Ubuntu 12.04 LTS.
Original advisory details:
Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. (CVE-2015-2721)
Looben Yan discovered 2 use-after-free issues when using XMLHttpRequest in some circumstances. (CVE-2015-2722, CVE-2015-2733)
Bob Clary, Christian Holler, Bobby Holley, Andrew McCreight, Terrence Cole, Steve Fink, Mats Palmgren, Wes Kocher, Andreas Pehrson, Tooru Fujisawa, Andrew Sutherland, and Gary Kwong discovered multiple memory safety issues in Firefox. (CVE-2015-2724, CVE-2015-2725, CVE-2015-2726)
Armin Razmdjou discovered that opening hyperlinks with specific mouse and key combinations could allow a Chrome privileged URL to be opened without context restrictions being preserved. (CVE-2015-2727)
Paul Bandha discovered a type confusion bug in the Indexed DB Manager. (CVE-2015-2728)
Holger Fuhrmannek discovered an out-of-bounds read in Web Audio. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information. (CVE-2015-2729)
Watson Ladd discovered that NSS incorrectly handled Elliptical Curve Cryptography (ECC) multiplication. A remote attacker could possibly use this issue to spoof ECDSA signatures. (CVE-2015-2730)
A use-after-free was discovered when a Content Policy modifies the DOM to remove a DOM object. (CVE-2015-2731)
Ronald Crane discovered multiple security vulnerabilities. (CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740)
David Keeler discovered that key pinning checks can be skipped when an overridable certificate error occurs. This allows a user to manually override an error for a fake certificate, but cannot be exploited on its own. (CVE-2015-2741)
Jonas Jenwald discovered that some internal workers were incorrectly executed with a high privilege. An attacker could potentially exploit this to impersonate the server. (CVE-2015-4000)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: firefox 39.0+build5-0ubuntu0.12.04.2
After a standard system update you need to restart Firefox to make all the necessary changes.
CVE-2015-4000
David Adrian et al. reported that it may be feasible to attack
Diffie-Hellman-based cipher suites in certain circumstances,
compromising the confidentiality and integrity of data encrypted
with Transport Layer Security (TLS).
CVE-2015-7181 CVE-2015-7182 CVE-2016-1950
Tyson Smith, David Keeler, and Francis Gabriel discovered
heap-based buffer overflows in the ASN.1 DER parser, potentially
leading to arbitrary code execution.
CVE-2015-7575
Karthikeyan Bhargavan discovered that TLS client implementation
accepted MD5-based signatures for TLS 1.2 connections with forward
secrecy, weakening the intended security strength of TLS
connections.
CVE-2016-1938
Hanno Boeck discovered that NSS miscomputed the result of integer
division for certain inputs. This could weaken the cryptographic
protections provided by NSS. However, NSS implements RSA-CRT leak
hardening, so RSA private keys are not directly disclosed by this
issue.
CVE-2016-1978
Eric Rescorla discovered a user-after-free vulnerability in the
implementation of ECDH-based TLS handshakes, with unknown
consequences.
CVE-2016-1979
Tim Taubert discovered a use-after-free vulnerability in ASN.1 DER
processing, with application-specific impact.
CVE-2016-2834
Tyson Smith and Jed Davis discovered unspecified memory-safety
bugs in NSS.
In addition, the NSS library did not ignore environment variables in processes which underwent a SUID/SGID/AT_SECURE transition at process start. In certain system configurations, this allowed local users to escalate their privileges.
For the stable distribution (jessie), these problems have been fixed in version 2:3.26-1+debu8u1.
For the unstable distribution (sid), these problems have been fixed in version 2:3.23-1. HP Integration Adaptor v9.12. For further information, see the knowledge base article linked to in the References section.
Security Fix(es):
-
A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108)
-
Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183)
-
A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-4000)
-
An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2105)
-
An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2106)
-
It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). (CVE-2016-3110)
-
A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109)
-
It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. (CVE-2016-4459)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2105, and CVE-2016-2106 and Michal Karm Babacek for reporting CVE-2016-3110. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno BAPck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; and Guido Vranken as the original reporter of CVE-2016-2105 and CVE-2016-2106. Bugs fixed (https://bugzilla.redhat.com/):
1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks 1243887 - CVE-2015-3183 httpd: HTTP request smuggling attack against chunked request parser 1288322 - CVE-2015-3195 OpenSSL: X509_ATTRIBUTE memory leak 1326320 - CVE-2016-3110 mod_cluster: remotely Segfault Apache http server 1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data 1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder 1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow 1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow 1341583 - CVE-2016-4459 mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute 1345989 - RHEL7 RPMs: Upgrade mod_cluster-native to 1.2.13.Final-redhat-1 1345993 - RHEL7 RPMs: Upgrade mod_jk to 1.2.41.redhat-1 1345997 - RHEL7 RPMs: Upgrade tomcat-native to 1.1.34
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: RHSA-2015:1229-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1229.html Issue date: 2015-07-15 CVE Names: CVE-2015-2590 CVE-2015-2601 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 =====================================================================
- Summary:
Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
- Description:
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733)
A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol (OCSP) responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid. (CVE-2015-4748)
It was discovered that the JCE component in OpenJDK failed to use constant time comparisons in multiple cases. An attacker could possibly use these flaws to disclose sensitive information by measuring the time used to perform operations using these non-constant time comparisons. (CVE-2015-2601)
A flaw was found in the RC4 encryption algorithm. When using certain keys for RC4 encryption, an attacker could obtain portions of the plain text from the cipher text without the knowledge of the encryption key. (CVE-2015-2808)
Note: With this update, OpenJDK now disables RC4 TLS/SSL cipher suites by default to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug 1207101, linked to in the References section, for additional details about this change.
A flaw was found in the way the TLS protocol composed the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. (CVE-2015-4000)
Note: This update forces the TLS/SSL client implementation in OpenJDK to reject DH key sizes below 768 bits, which prevents sessions to be downgraded to export-grade keys. Refer to Red Hat Bugzilla bug 1223211, linked to in the References section, for additional details about this change.
It was discovered that the JNDI component in OpenJDK did not handle DNS resolutions correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution. (CVE-2015-4749)
Multiple information leak flaws were found in the JMX and 2D components in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-2621, CVE-2015-2632)
A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity verification when establishing a TLS/SSL connection to a host identified by an IP address. In certain cases, the certificate was accepted as valid if it was issued for a host name to which the IP address resolves rather than for the IP address. (CVE-2015-2625)
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1207101 - CVE-2015-2808 SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher 1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks 1241965 - CVE-2015-2625 OpenJDK: name for reverse DNS lookup used in certificate identity check (JSSE, 8067694) 1242019 - CVE-2015-2601 OpenJDK: non-constant time comparisons in crypto code (JCE, 8074865) 1242232 - CVE-2015-2628 OpenJDK: IIOPInputStream type confusion vulnerability (CORBA, 8076376) 1242234 - CVE-2015-4731 OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397) 1242240 - CVE-2015-4732 OpenJDK: insufficient context checks during object deserialization (Libraries, 8076405) 1242275 - CVE-2015-4733 OpenJDK: RemoteObjectInvocationHandler allows calling finalize() (RMI, 8076409) 1242281 - CVE-2015-4748 OpenJDK: incorrect OCSP nextUpdate checking (Libraries, 8075374) 1242372 - CVE-2015-2621 OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853) 1242379 - CVE-2015-4749 OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378) 1242394 - CVE-2015-2632 ICU: integer overflow in LETableReference verifyLength() (OpenJDK 2D, 8077520) 1242447 - CVE-2015-4760 ICU: missing boundary checks in layout engine (OpenJDK 2D, 8071715) 1243139 - CVE-2015-2590 OpenJDK: deserialization issue in ObjectInputStream.readSerialData() (Libraries, 8076401)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.src.rpm
i386: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el6_6.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.src.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el6_6.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.src.rpm
i386: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el6_6.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.src.rpm
i386: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.i686.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el6_6.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.src.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.el7_1.noarch.rpm
x86_64: java-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.src.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.el7_1.noarch.rpm
x86_64: java-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.src.rpm
ppc64: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm java-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm
s390x: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.s390x.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.s390x.rpm java-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.s390x.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.ael7b_1.src.rpm
ppc64le: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm java-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.el7_1.noarch.rpm
ppc64: java-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm
s390x: java-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.s390x.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.s390x.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.s390x.rpm
x86_64: java-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.ael7b_1.noarch.rpm
ppc64le: java-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.src.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.el7_1.noarch.rpm
x86_64: java-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-2590 https://access.redhat.com/security/cve/CVE-2015-2601 https://access.redhat.com/security/cve/CVE-2015-2621 https://access.redhat.com/security/cve/CVE-2015-2625 https://access.redhat.com/security/cve/CVE-2015-2628 https://access.redhat.com/security/cve/CVE-2015-2632 https://access.redhat.com/security/cve/CVE-2015-2808 https://access.redhat.com/security/cve/CVE-2015-4000 https://access.redhat.com/security/cve/CVE-2015-4731 https://access.redhat.com/security/cve/CVE-2015-4732 https://access.redhat.com/security/cve/CVE-2015-4733 https://access.redhat.com/security/cve/CVE-2015-4748 https://access.redhat.com/security/cve/CVE-2015-4749 https://access.redhat.com/security/cve/CVE-2015-4760 https://access.redhat.com/security/updates/classification/#critical https://bugzilla.redhat.com/show_bug.cgi?id=1207101#c11 https://bugzilla.redhat.com/show_bug.cgi?id=1223211#c33
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVpliAXlSAg2UNWIIRAmDIAKC0SKJPEBiUrI0sgDcQMZTM/nm7nwCfUIje QU57Hj/UGZeY+OmKchPFPcI= =miFC -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7) - x86_64
- Description:
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Future updates may raise this limit to 1024 bits.
The nss and nss-util packages have been upgraded to upstream versions 3.19.1. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Bugs fixed (https://bugzilla.redhat.com/):
1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks
6. OpenSSL Security Advisory [11 Jun 2015]
DHE man-in-the-middle protection (Logjam)
A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000).
OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n
Fixes for this issue were developed by Emilia Käsper and Kurt Roeckx of the OpenSSL development team.
Malformed ECParameters causes infinite loop (CVE-2015-1788)
Severity: Moderate
When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field.
This can be used to perform denial of service against any system which processes public keys, certificate requests or certificates. This includes TLS clients and TLS servers with client authentication enabled. 1.0.0d and 0.9.8r and below are affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The fix was developed by Andy Polyakov of the OpenSSL development team.
Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
Severity: Moderate
X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string.
An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki (Google), and independently on 11th April 2015 by Hanno Böck. The fix was developed by Emilia Käsper of the OpenSSL development team.
PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
Severity: Moderate
The PKCS#7 parsing code does not handle missing inner EncryptedContent correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing.
Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers are not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 18th April 2015 by Michal Zalewski (Google). The fix was developed by Emilia Käsper of the OpenSSL development team.
CMS verify infinite loop with unknown hash function (CVE-2015-1792)
Severity: Moderate
When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID.
This can be used to perform denial of service against any system which verifies signedData messages using the CMS code.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
Race condition handling NewSessionTicket (CVE-2015-1791)
Severity: Low
If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was discovered by Emilia Käsper of the OpenSSL development team. The fix was developed by Matt Caswell of the OpenSSL development team.
Invalid free in DTLS (CVE-2014-8176)
Severity: Moderate
This vulnerability does not affect current versions of OpenSSL. It existed in previous OpenSSL versions and was fixed in June 2014.
If a DTLS peer receives application data between the ChangeCipherSpec and Finished messages, buffering of such data may cause an invalid free, resulting in a segmentation fault or potentially, memory corruption.
This issue was originally reported on March 28th 2014 in https://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert (Google). A fix was developed by zhu qun-ying.
The fix for this issue can be identified by commits bcc31166 (1.0.1), b79e6e3a (1.0.0) and 4b258e73 (0.9.8).
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150611.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. DH parameter with 1024 bits is used by default. Allow to configure custom DHE or ECDHE parameters by appending the concerned parameter file to the certificate file given for the SSLCertificateFile directive.
CVE-2015-2808:
Disable RC4 cipher in configuration file
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0233",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.35"
},
{
"model": "firefox os",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.2"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": null
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.8.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": null
},
{
"model": "content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11.0"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.10"
},
{
"model": "sparc-opl service processor",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1121"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.3"
},
{
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.3.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "39.0"
},
{
"model": "firefox esr",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "31.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": null
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "31.8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "b.11.31"
},
{
"model": "firefox esr",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.1.0"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "8.3"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"model": "network security services",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.19"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"model": "browser",
"scope": "eq",
"trust": 1.0,
"vendor": "opera",
"version": null
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.8.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "junos 12.1x47-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.4"
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "junos 13.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.35"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.4"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "agile engineering data management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.2.2"
},
{
"model": "ios xe",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.14"
},
{
"model": "rational automation framework ifix5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "imc products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"model": "digital media players 5.3 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.11"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"model": "telepresence conductor xc4.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.16"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "ethernet switch es2-64",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.0.6"
},
{
"model": "ios xe",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.15"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.3"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "junos 12.3x48-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aspera enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.5"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "ethernet switch es2-72",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.0.6"
},
{
"model": "junos 15.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.36"
},
{
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5.1"
},
{
"model": "junos 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ethernet switch es2-64",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.9.1"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.5"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.34"
},
{
"model": "digital media players 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "jd edwards world security a9.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "junos 13.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sun blade ethernet switched nem 24p 10ge",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "60000"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4.1"
},
{
"model": "aspera orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ethernet switch es2-72",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.9.1"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"model": "junos 12.1x44-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1p",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 15.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "50"
},
{
"model": "prime network services controller 3.4.1c",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.6.0"
},
{
"model": "hp-ux b.11.11.16.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9"
},
{
"model": "webex messenger service ep1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "switch es1-24",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "hp-ux b.11.11.13.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 14.1r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"model": "ios xe",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.13"
},
{
"model": "10.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "hp-ux b.11.23.1.007",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.5.0"
},
{
"model": "sun network 10ge switch 72p",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security manager sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.8"
},
{
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "rational tau interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "junos 14.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "hp-ux b.11.11.02.008",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "aspera point to point",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.5"
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x46-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "netinsight",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.14"
},
{
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "esight network v300r003c10spc201",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "agile engineering data management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.3.0"
},
{
"model": "socialminer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "junos 14.2r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.3.0"
},
{
"model": "aspera faspex application",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.2"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.2x51-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "model d9485 davic qpsk",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "vcx products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "agile engineering data management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.0.0"
},
{
"model": "junos 12.1x47-d45",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "nexus series fex",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "tuxedo",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.1.0"
},
{
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "junos 12.1x44-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1"
},
{
"model": "rational tau interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "hp-ux b.11.11.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "puredata system for analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "industrial router 1.2.1rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "hp-ux b.11.23.07.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "netezza host management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7.0"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.2d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "contactoptimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "junos 12.1x46-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "junos 12.3r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aspera proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.2"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "junos 13.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "esight network v300r003c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "junos 15.1x49-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "switch es1-24",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.3"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.4"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "junos 14.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"model": "aspera enterprise server client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.5"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "aspera ondemand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.4"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"model": "digital media players series 5.3 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud service automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.5"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "hp-ux b.11.11.14.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "junos 12.3x48-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.32"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sun blade ethernet switched nem 24p 10ge",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "60001.2.2.13"
},
{
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switch es1-24",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1.3.1.3"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.9"
},
{
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "network performance analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "hp-ux b.11.11.15.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"model": "junos 15.1x49-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "model d9485 davic qpsk",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.2.19"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.1"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.33"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.6.0"
},
{
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sun network 10ge switch 72p",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1.2.2.15"
},
{
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "digital media players series 5.3 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "75652"
},
{
"db": "NVD",
"id": "CVE-2015-4000"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1m",
"versionStartIncluding": "1.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.2a",
"versionStartIncluding": "1.0.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1m",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1121",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4000"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "132943"
},
{
"db": "PACKETSTORM",
"id": "133039"
},
{
"db": "PACKETSTORM",
"id": "132803"
},
{
"db": "PACKETSTORM",
"id": "139114"
},
{
"db": "PACKETSTORM",
"id": "132697"
},
{
"db": "PACKETSTORM",
"id": "132439"
}
],
"trust": 0.6
},
"cve": "CVE-2015-4000",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-4000",
"trust": 1.0,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4000"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue. OpenSSL is prone to a security-bypass vulnerability because the application fails to properly verify SSL, TLS, and DTLS certificates. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions. This may aid in further attacks. \nOpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n, and 1.0.1o are vulnerable. \n\nRelease Date: 2015-08-05\nLast Updated: 2015-08-05\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running\nOpenSSL with SSL/TLS enabled. \n\nThis is the TLS vulnerability using US export-grade 512-bit keys in\nDiffie-Hellman key exchange known as Logjam which could be exploited remotely\nresulting in disclosure of information. \n\nReferences:\n\nCVE-2015-4000: DHE man-in-the-middle protection (Logjam). \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-4000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1793 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided an updated version of OpenSSL to resolve this vulnerability. \n\nA new B.11.31 depot for OpenSSL_A.01.00.01p is available here:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=OPENSSL11I\n\nMANUAL ACTIONS: Yes - Update\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.31\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.01.00.01p or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 5 August 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. 6) - i386, x86_64\n\n3. \n\nIBM Java SDK and JRE 5.0 will not receive software updates after September\n2015. This date is referred to as the End of Service (EOS) date. Customers\nare advised to migrate to current versions of IBM Java at this time. IBM\nJava SDK and JRE versions 6 and 7 are available via the Red Hat Enterprise\nLinux 5 and 6 Supplementary content sets and will continue to receive\nupdates based on IBM\u0027s lifecycle policy, linked to in the References\nsection. \n\nCustomers can also consider OpenJDK, an open source implementation of\nthe Java SE specification. OpenJDK is available by default on supported\nhardware architectures. ============================================================================\nUbuntu Security Notice USN-2656-2\nJuly 15, 2015\n\nfirefox vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nFirefox could be made to crash or run programs as your login if it\nopened a malicious website. \n\nSoftware Description:\n- firefox: Mozilla Open Source web browser\n\nDetails:\n\nUSN-2656-1 fixed vulnerabilities in Firefox for Ubuntu 14.04 LTS and\nlater releases. \n\nThis update provides the corresponding update for Ubuntu 12.04 LTS. \n\nOriginal advisory details:\n\n Karthikeyan Bhargavan discovered that NSS incorrectly handled state\n transitions for the TLS state machine. \n (CVE-2015-2721)\n \n Looben Yan discovered 2 use-after-free issues when using XMLHttpRequest in\n some circumstances. (CVE-2015-2722,\n CVE-2015-2733)\n \n Bob Clary, Christian Holler, Bobby Holley, Andrew McCreight, Terrence\n Cole, Steve Fink, Mats Palmgren, Wes Kocher, Andreas Pehrson, Tooru\n Fujisawa, Andrew Sutherland, and Gary Kwong discovered multiple memory\n safety issues in Firefox. (CVE-2015-2724,\n CVE-2015-2725, CVE-2015-2726)\n \n Armin Razmdjou discovered that opening hyperlinks with specific mouse\n and key combinations could allow a Chrome privileged URL to be opened\n without context restrictions being preserved. (CVE-2015-2727)\n \n Paul Bandha discovered a type confusion bug in the Indexed DB Manager. (CVE-2015-2728)\n \n Holger Fuhrmannek discovered an out-of-bounds read in Web Audio. If a\n user were tricked in to opening a specially crafted website, an attacker\n could potentially exploit this to obtain sensitive information. \n (CVE-2015-2729)\n \n Watson Ladd discovered that NSS incorrectly handled Elliptical Curve\n Cryptography (ECC) multiplication. A remote attacker could possibly use\n this issue to spoof ECDSA signatures. (CVE-2015-2730)\n \n A use-after-free was discovered when a Content Policy modifies the DOM to\n remove a DOM object. (CVE-2015-2731)\n \n Ronald Crane discovered multiple security vulnerabilities. (CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737,\n CVE-2015-2738, CVE-2015-2739, CVE-2015-2740)\n \n David Keeler discovered that key pinning checks can be skipped when an\n overridable certificate error occurs. This allows a user to manually\n override an error for a fake certificate, but cannot be exploited on its\n own. (CVE-2015-2741)\n \n Jonas Jenwald discovered that some internal workers were incorrectly\n executed with a high privilege. An attacker could potentially exploit this to impersonate\n the server. (CVE-2015-4000)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n firefox 39.0+build5-0ubuntu0.12.04.2\n\nAfter a standard system update you need to restart Firefox to make\nall the necessary changes. \n\nCVE-2015-4000\n\n David Adrian et al. reported that it may be feasible to attack\n Diffie-Hellman-based cipher suites in certain circumstances,\n compromising the confidentiality and integrity of data encrypted\n with Transport Layer Security (TLS). \n\nCVE-2015-7181\nCVE-2015-7182\nCVE-2016-1950\n\n Tyson Smith, David Keeler, and Francis Gabriel discovered\n heap-based buffer overflows in the ASN.1 DER parser, potentially\n leading to arbitrary code execution. \n\nCVE-2015-7575\n\n Karthikeyan Bhargavan discovered that TLS client implementation\n accepted MD5-based signatures for TLS 1.2 connections with forward\n secrecy, weakening the intended security strength of TLS\n connections. \n\nCVE-2016-1938\n\n Hanno Boeck discovered that NSS miscomputed the result of integer\n division for certain inputs. This could weaken the cryptographic\n protections provided by NSS. However, NSS implements RSA-CRT leak\n hardening, so RSA private keys are not directly disclosed by this\n issue. \n\nCVE-2016-1978\n\n Eric Rescorla discovered a user-after-free vulnerability in the\n implementation of ECDH-based TLS handshakes, with unknown\n consequences. \n\nCVE-2016-1979\n\n Tim Taubert discovered a use-after-free vulnerability in ASN.1 DER\n processing, with application-specific impact. \n\nCVE-2016-2834\n\n Tyson Smith and Jed Davis discovered unspecified memory-safety\n bugs in NSS. \n\nIn addition, the NSS library did not ignore environment variables in\nprocesses which underwent a SUID/SGID/AT_SECURE transition at process\nstart. In certain system configurations, this allowed local users to\nescalate their privileges. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2:3.26-1+debu8u1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:3.23-1. \nHP Integration Adaptor v9.12. For\nfurther information, see the knowledge base article linked to in the\nReferences section. \n\nSecurity Fix(es):\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially crafted\ncertificate which, when verified or re-encoded by OpenSSL, could cause it\nto crash, or execute arbitrary code using the permissions of the user\nrunning an application compiled against the OpenSSL library. \n(CVE-2016-2108)\n\n* Multiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode\ndifferently from an HTTP proxy software in front of it, possibly leading to\nHTTP request smuggling attacks. (CVE-2015-3183)\n\n* A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7\nand CMS data. A remote attacker could use this flaw to cause an application\nthat parses PKCS#7 or CMS data from untrusted sources to use an excessive\namount of memory and possibly crash. (CVE-2015-4000)\n\n* An integer overflow flaw, leading to a buffer overflow, was found in the\nway the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of\ninput data. A remote attacker could use this flaw to crash an application\nusing OpenSSL or, possibly, execute arbitrary code with the permissions of\nthe user running that application. (CVE-2016-2105)\n\n* An integer overflow flaw, leading to a buffer overflow, was found in the\nway the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts\nof input data. A remote attacker could use this flaw to crash an\napplication using OpenSSL or, possibly, execute arbitrary code with the\npermissions of the user running that application. (CVE-2016-2106)\n\n* It was discovered that it is possible to remotely Segfault Apache http\nserver with a specially crafted string sent to the mod_cluster via service\nmessages (MCMP). (CVE-2016-3110)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL\u0027s I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could be\nforced to allocate an excessive amount of data. (CVE-2016-2109)\n\n* It was discovered that specifying configuration with a JVMRoute path\nlonger than 80 characters will cause segmentation fault leading to a server\ncrash. (CVE-2016-4459)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2105, and CVE-2016-2106 and Michal Karm Babacek for\nreporting CVE-2016-3110. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno\nBAPck, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108; and Guido Vranken as the original reporter of CVE-2016-2105\nand CVE-2016-2106. Bugs fixed (https://bugzilla.redhat.com/):\n\n1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks\n1243887 - CVE-2015-3183 httpd: HTTP request smuggling attack against chunked request parser\n1288322 - CVE-2015-3195 OpenSSL: X509_ATTRIBUTE memory leak\n1326320 - CVE-2016-3110 mod_cluster: remotely Segfault Apache http server\n1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data\n1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder\n1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow\n1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow\n1341583 - CVE-2016-4459 mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute\n1345989 - RHEL7 RPMs: Upgrade mod_cluster-native to 1.2.13.Final-redhat-1\n1345993 - RHEL7 RPMs: Upgrade mod_jk to 1.2.41.redhat-1\n1345997 - RHEL7 RPMs: Upgrade tomcat-native to 1.1.34\n\n6. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.7.0-openjdk security update\nAdvisory ID: RHSA-2015:1229-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1229.html\nIssue date: 2015-07-15\nCVE Names: CVE-2015-2590 CVE-2015-2601 CVE-2015-2621 \n CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 \n CVE-2015-2808 CVE-2015-4000 CVE-2015-4731 \n CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 \n CVE-2015-4749 CVE-2015-4760 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix multiple security issues are\nnow available for Red Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64\n\n3. Description:\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit. \n\nMultiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI\ncomponents in OpenJDK. An untrusted Java application or applet could use\nthese flaws to bypass Java sandbox restrictions. (CVE-2015-4760,\nCVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733)\n\nA flaw was found in the way the Libraries component of OpenJDK verified\nOnline Certificate Status Protocol (OCSP) responses. An OCSP response with\nno nextUpdate date specified was incorrectly handled as having unlimited\nvalidity, possibly causing a revoked X.509 certificate to be interpreted as\nvalid. (CVE-2015-4748)\n\nIt was discovered that the JCE component in OpenJDK failed to use constant\ntime comparisons in multiple cases. An attacker could possibly use these\nflaws to disclose sensitive information by measuring the time used to\nperform operations using these non-constant time comparisons. \n(CVE-2015-2601)\n\nA flaw was found in the RC4 encryption algorithm. When using certain keys\nfor RC4 encryption, an attacker could obtain portions of the plain text\nfrom the cipher text without the knowledge of the encryption key. \n(CVE-2015-2808)\n\nNote: With this update, OpenJDK now disables RC4 TLS/SSL cipher suites by\ndefault to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug\n1207101, linked to in the References section, for additional details about\nthis change. \n\nA flaw was found in the way the TLS protocol composed the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenJDK to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Refer to Red Hat Bugzilla bug 1223211,\nlinked to in the References section, for additional details about this\nchange. \n\nIt was discovered that the JNDI component in OpenJDK did not handle DNS\nresolutions correctly. An attacker able to trigger such DNS errors could\ncause a Java application using JNDI to consume memory and CPU time, and\npossibly block further DNS resolution. (CVE-2015-4749)\n\nMultiple information leak flaws were found in the JMX and 2D components in\nOpenJDK. An untrusted Java application or applet could use this flaw to\nbypass certain Java sandbox restrictions. (CVE-2015-2621, CVE-2015-2632)\n\nA flaw was found in the way the JSSE component in OpenJDK performed X.509\ncertificate identity verification when establishing a TLS/SSL connection to\na host identified by an IP address. In certain cases, the certificate was\naccepted as valid if it was issued for a host name to which the IP address\nresolves rather than for the IP address. (CVE-2015-2625)\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website. \n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1207101 - CVE-2015-2808 SSL/TLS: \"Invariance Weakness\" vulnerability in RC4 stream cipher\n1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks\n1241965 - CVE-2015-2625 OpenJDK: name for reverse DNS lookup used in certificate identity check (JSSE, 8067694)\n1242019 - CVE-2015-2601 OpenJDK: non-constant time comparisons in crypto code (JCE, 8074865)\n1242232 - CVE-2015-2628 OpenJDK: IIOPInputStream type confusion vulnerability (CORBA, 8076376)\n1242234 - CVE-2015-4731 OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)\n1242240 - CVE-2015-4732 OpenJDK: insufficient context checks during object deserialization (Libraries, 8076405)\n1242275 - CVE-2015-4733 OpenJDK: RemoteObjectInvocationHandler allows calling finalize() (RMI, 8076409)\n1242281 - CVE-2015-4748 OpenJDK: incorrect OCSP nextUpdate checking (Libraries, 8075374)\n1242372 - CVE-2015-2621 OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)\n1242379 - CVE-2015-4749 OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)\n1242394 - CVE-2015-2632 ICU: integer overflow in LETableReference verifyLength() (OpenJDK 2D, 8077520)\n1242447 - CVE-2015-4760 ICU: missing boundary checks in layout engine (OpenJDK 2D, 8071715)\n1243139 - CVE-2015-2590 OpenJDK: deserialization issue in ObjectInputStream.readSerialData() (Libraries, 8076401)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el6_6.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.src.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el6_6.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el6_6.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el6_6.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.src.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.el7_1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.src.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.el7_1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.src.rpm\n\nppc64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm\njava-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm\n\ns390x:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.s390x.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.s390x.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.s390x.rpm\njava-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.s390x.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.ael7b_1.src.rpm\n\nppc64le:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm\njava-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.el7_1.noarch.rpm\n\nppc64:\njava-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.ppc64.rpm\n\ns390x:\njava-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.s390x.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.s390x.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.s390x.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.s390x.rpm\n\nx86_64:\njava-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.ael7b_1.noarch.rpm\n\nppc64le:\njava-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.src.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-headless-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.2.el7_1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-accessibility-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.2.el7_1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-2590\nhttps://access.redhat.com/security/cve/CVE-2015-2601\nhttps://access.redhat.com/security/cve/CVE-2015-2621\nhttps://access.redhat.com/security/cve/CVE-2015-2625\nhttps://access.redhat.com/security/cve/CVE-2015-2628\nhttps://access.redhat.com/security/cve/CVE-2015-2632\nhttps://access.redhat.com/security/cve/CVE-2015-2808\nhttps://access.redhat.com/security/cve/CVE-2015-4000\nhttps://access.redhat.com/security/cve/CVE-2015-4731\nhttps://access.redhat.com/security/cve/CVE-2015-4732\nhttps://access.redhat.com/security/cve/CVE-2015-4733\nhttps://access.redhat.com/security/cve/CVE-2015-4748\nhttps://access.redhat.com/security/cve/CVE-2015-4749\nhttps://access.redhat.com/security/cve/CVE-2015-4760\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1207101#c11\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1223211#c33\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVpliAXlSAg2UNWIIRAmDIAKC0SKJPEBiUrI0sgDcQMZTM/nm7nwCfUIje\nQU57Hj/UGZeY+OmKchPFPcI=\n=miFC\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 7) - x86_64\n\n3. Description:\n\nNetwork Security Services (NSS) is a set of libraries designed to support \ncross-platform development of security-enabled client and server\napplications. Future updates may raise this limit to\n1024 bits. \n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions. Bugs fixed (https://bugzilla.redhat.com/):\n\n1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks\n\n6. OpenSSL Security Advisory [11 Jun 2015]\n=======================================\n\nDHE man-in-the-middle protection (Logjam)\n====================================================================\n\nA vulnerability in the TLS protocol allows a man-in-the-middle\nattacker to downgrade vulnerable TLS connections using ephemeral\nDiffie-Hellman key exchange to 512-bit export-grade cryptography. This\nvulnerability is known as Logjam (CVE-2015-4000). \n\nOpenSSL has added protection for TLS clients by rejecting handshakes\nwith DH parameters shorter than 768 bits. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\n\nFixes for this issue were developed by Emilia K\u00e4sper and Kurt Roeckx\nof the OpenSSL development team. \n\nMalformed ECParameters causes infinite loop (CVE-2015-1788)\n===========================================================\n\nSeverity: Moderate\n\nWhen processing an ECParameters structure OpenSSL enters an infinite loop if\nthe curve specified is over a specially malformed binary polynomial field. \n\nThis can be used to perform denial of service against any\nsystem which processes public keys, certificate requests or\ncertificates. This includes TLS clients and TLS servers with\nclient authentication enabled. 1.0.0d and 0.9.8r and below are\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s\nOpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The\nfix was developed by Andy Polyakov of the OpenSSL development team. \n\nExploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n===============================================================\n\nSeverity: Moderate\n\nX509_cmp_time does not properly check the length of the ASN1_TIME\nstring and can read a few bytes out of bounds. In addition,\nX509_cmp_time accepts an arbitrary number of fractional seconds in the\ntime string. \n\nAn attacker can use this to craft malformed certificates and CRLs of\nvarious sizes and potentially cause a segmentation fault, resulting in\na DoS on applications that verify certificates or CRLs. TLS clients\nthat verify CRLs are affected. TLS clients and servers with client\nauthentication enabled may be affected if they use custom verification\ncallbacks. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki\n(Google), and independently on 11th April 2015 by Hanno B\u00f6ck. The fix\nwas developed by Emilia K\u00e4sper of the OpenSSL development team. \n\nPKCS7 crash with missing EnvelopedContent (CVE-2015-1790)\n=========================================================\n\nSeverity: Moderate\n\nThe PKCS#7 parsing code does not handle missing inner EncryptedContent\ncorrectly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs\nwith missing content and trigger a NULL pointer dereference on parsing. \n\nApplications that decrypt PKCS#7 data or otherwise parse PKCS#7\nstructures from untrusted sources are affected. OpenSSL clients and\nservers are not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 18th April 2015 by Michal\nZalewski (Google). The fix was developed by Emilia K\u00e4sper of the\nOpenSSL development team. \n\nCMS verify infinite loop with unknown hash function (CVE-2015-1792)\n===================================================================\n\nSeverity: Moderate\n\nWhen verifying a signedData message the CMS code can enter an infinite loop\nif presented with an unknown hash function OID. \n\nThis can be used to perform denial of service against any system which\nverifies signedData messages using the CMS code. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The\nfix was developed by Dr. Stephen Henson of the OpenSSL development team. \n\nRace condition handling NewSessionTicket (CVE-2015-1791)\n========================================================\n\nSeverity: Low\n\nIf a NewSessionTicket is received by a multi-threaded client when attempting to\nreuse a previous ticket then a race condition can occur potentially leading to\na double free of the ticket data. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was discovered by Emilia K\u00e4sper of the OpenSSL development team. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nInvalid free in DTLS (CVE-2014-8176)\n====================================\n\nSeverity: Moderate\n\nThis vulnerability does not affect current versions of OpenSSL. It\nexisted in previous OpenSSL versions and was fixed in June 2014. \n\nIf a DTLS peer receives application data between the ChangeCipherSpec\nand Finished messages, buffering of such data may cause an invalid\nfree, resulting in a segmentation fault or potentially, memory\ncorruption. \n\nThis issue was originally reported on March 28th 2014 in\nhttps://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen\nKariyanahalli, and subsequently by Ivan Fratric and Felix Groebert\n(Google). A fix was developed by zhu qun-ying. \n\nThe fix for this issue can be identified by commits bcc31166 (1.0.1),\nb79e6e3a (1.0.0) and 4b258e73 (0.9.8). \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150611.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. \nDH parameter with 1024 bits is used by default. \nAllow to configure custom DHE or ECDHE parameters by appending the concerned\nparameter file to the certificate file given for the SSLCertificateFile\ndirective. \n\nCVE-2015-2808:\n\nDisable RC4 cipher in configuration file",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4000"
},
{
"db": "BID",
"id": "75652"
},
{
"db": "PACKETSTORM",
"id": "132835"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "132943"
},
{
"db": "PACKETSTORM",
"id": "133039"
},
{
"db": "PACKETSTORM",
"id": "132699"
},
{
"db": "PACKETSTORM",
"id": "133990"
},
{
"db": "PACKETSTORM",
"id": "132803"
},
{
"db": "PACKETSTORM",
"id": "139002"
},
{
"db": "PACKETSTORM",
"id": "133337"
},
{
"db": "PACKETSTORM",
"id": "139114"
},
{
"db": "PACKETSTORM",
"id": "132921"
},
{
"db": "PACKETSTORM",
"id": "132697"
},
{
"db": "PACKETSTORM",
"id": "132439"
},
{
"db": "PACKETSTORM",
"id": "132413"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "PACKETSTORM",
"id": "135172"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4000",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1033064",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1034884",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032777",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032649",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033065",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032865",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032784",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032871",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033760",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033067",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1036218",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033222",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032778",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032637",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032759",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033208",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033430",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1034087",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032702",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032783",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032648",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032476",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033991",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1040630",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032960",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033891",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032856",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033416",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032910",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033513",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032475",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032651",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032727",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032864",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033341",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033433",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032688",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032645",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033019",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033209",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032652",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032654",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032655",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032932",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032653",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032474",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1034728",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032650",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033385",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1033210",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032699",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032884",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032656",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1032647",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/05/20/8",
"trust": 1.0
},
{
"db": "JUNIPER",
"id": "JSA10681",
"trust": 1.0
},
{
"db": "JUNIPER",
"id": "JSA10727",
"trust": 1.0
},
{
"db": "BID",
"id": "74733",
"trust": 1.0
},
{
"db": "BID",
"id": "91787",
"trust": 1.0
},
{
"db": "MCAFEE",
"id": "SB10122",
"trust": 1.0
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.0
},
{
"db": "JUNIPER",
"id": "JSA10694",
"trust": 0.3
},
{
"db": "BID",
"id": "75652",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "139002",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132835",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132943",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133039",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132699",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135172",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133337",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139114",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132921",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132697",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132439",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132413",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169629",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "75652"
},
{
"db": "PACKETSTORM",
"id": "139002"
},
{
"db": "PACKETSTORM",
"id": "132835"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "132943"
},
{
"db": "PACKETSTORM",
"id": "133039"
},
{
"db": "PACKETSTORM",
"id": "132699"
},
{
"db": "PACKETSTORM",
"id": "133990"
},
{
"db": "PACKETSTORM",
"id": "132803"
},
{
"db": "PACKETSTORM",
"id": "135172"
},
{
"db": "PACKETSTORM",
"id": "133337"
},
{
"db": "PACKETSTORM",
"id": "139114"
},
{
"db": "PACKETSTORM",
"id": "132921"
},
{
"db": "PACKETSTORM",
"id": "132697"
},
{
"db": "PACKETSTORM",
"id": "132439"
},
{
"db": "PACKETSTORM",
"id": "132413"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "NVD",
"id": "CVE-2015-4000"
}
]
},
"id": "VAR-201505-0233",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.54851742
},
"last_update_date": "2024-07-22T21:28:15.176000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4000"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1544.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1604.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2656-2"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2656-1"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1486.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1229.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1185.html"
},
{
"trust": 1.1,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"trust": 1.0,
"url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc"
},
{
"trust": 1.0,
"url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery"
},
{
"trust": 1.0,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2015-008.txt.asc"
},
{
"trust": 1.0,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04876402"
},
{
"trust": 1.0,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04949778"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10681"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10727"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/159314.html"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/159351.html"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160117.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143506486712441\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143557934009303\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143558092609708\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143628304012255\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143637549705650\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143655800220052\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144050121701297\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144061542602287\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=145409266329539\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openwall.com/lists/oss-security/2015/05/20/8"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1072.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1197.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1228.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1230.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1241.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1242.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1243.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1485.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1488.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1526.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1624.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2056.html"
},
{
"trust": 1.0,
"url": "http://support.apple.com/kb/ht204941"
},
{
"trust": 1.0,
"url": "http://support.apple.com/kb/ht204942"
},
{
"trust": 1.0,
"url": "http://support.citrix.com/article/ctx201114"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739"
},
{
"trust": 1.0,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984"
},
{
"trust": 1.0,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132"
},
{
"trust": 1.0,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"trust": 1.0,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"trust": 1.0,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380"
},
{
"trust": 1.0,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418"
},
{
"trust": 1.0,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816"
},
{
"trust": 1.0,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2015/dsa-3300"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2015/dsa-3324"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"trust": 1.0,
"url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack"
},
{
"trust": 1.0,
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/74733"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032474"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032475"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032476"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032637"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032645"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032647"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032648"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032649"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032650"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032651"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032652"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032653"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032654"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032655"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032656"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032688"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032699"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032702"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032727"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032759"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032777"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032778"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032783"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032784"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032856"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032864"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032865"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032871"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032884"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032910"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032932"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1032960"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033019"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033064"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033065"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033067"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033208"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033209"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033210"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033222"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033341"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033385"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033416"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033430"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033433"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033513"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033760"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033891"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1033991"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1034087"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1034728"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1034884"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1036218"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1040630"
},
{
"trust": 1.0,
"url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/releasenotes/releasenotes.htm"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-2673-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-2696-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-2706-1"
},
{
"trust": 1.0,
"url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/"
},
{
"trust": 1.0,
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"trust": 1.0,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.0,
"url": "https://developer.mozilla.org/en-us/docs/mozilla/projects/nss/nss_3.19.1_release_notes"
},
{
"trust": 1.0,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04718196"
},
{
"trust": 1.0,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04770140"
},
{
"trust": 1.0,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04772190"
},
{
"trust": 1.0,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04773119"
},
{
"trust": 1.0,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04773241"
},
{
"trust": 1.0,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04832246"
},
{
"trust": 1.0,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04918839"
},
{
"trust": 1.0,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04923929"
},
{
"trust": 1.0,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04926789"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04740527"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04953655"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05128722"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05193083"
},
{
"trust": 1.0,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10122"
},
{
"trust": 1.0,
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"trust": 1.0,
"url": "https://puppet.com/security/cve/cve-2015-4000"
},
{
"trust": 1.0,
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"trust": 1.0,
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"trust": 1.0,
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"trust": 1.0,
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20150619-0001/"
},
{
"trust": 1.0,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.0,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03831en_us"
},
{
"trust": 1.0,
"url": "https://weakdh.org/"
},
{
"trust": 1.0,
"url": "https://weakdh.org/imperfect-forward-secrecy.pdf"
},
{
"trust": 1.0,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745"
},
{
"trust": 1.0,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098403"
},
{
"trust": 1.0,
"url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/"
},
{
"trust": 1.0,
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"trust": 1.0,
"url": "https://www.suse.com/security/cve/cve-2015-4000.html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2015-4000"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4732"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4760"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2601"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2632"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2621"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2808"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2590"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4733"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4749"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4731"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4748"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2625"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.4,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4760"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-2621"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-2601"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4732"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-2632"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4733"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4748"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4731"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4749"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-2590"
},
{
"trust": 0.3,
"url": "https://mta.openssl.org/pipermail/openssl-announce/2015-july/000037.html"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://support.asperasoft.com/entries/94843988-security-bulletin-openssl-,-tls-vulnerabilities-logjam-cve-2015-4000"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/13"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/secadv_20150709.txt"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04822825"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05184351"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150710-openssl"
},
{
"trust": 0.3,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-454058.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962519"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964231"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21965399"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961179"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962398"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962929"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963448"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html#2015-1793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963498"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966481"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966484"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965725"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965807"
},
{
"trust": 0.3,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.3,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.3,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-2664"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223211#c33"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-1931"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2638"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-2638"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1931"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2664"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-2637"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2637"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-2625"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3183"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2628"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2740"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2737"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2721"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2739"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2734"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2724"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2735"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2736"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2738"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1979"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1938"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1950"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8873"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0477"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0480"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0478"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0469"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2613"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0488"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0460"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1793"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/developerworks/java/jdk/lifecycle/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2728"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2730"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/39.0+build5-0ubuntu0.12.04.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2727"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2725"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2731"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2741"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2726"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2722"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2729"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2743"
},
{
"trust": 0.1,
"url": "http://software.hp.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5704"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hpe.com/portal/swdepot/displayproductinfo.do?productnumbe"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04832246"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/face"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2688611"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/222023"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-2054.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/6.4/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207101#c11"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2808"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2628"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facets"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://rt.openssl.org/ticket/display.html?id=3286"
}
],
"sources": [
{
"db": "BID",
"id": "75652"
},
{
"db": "PACKETSTORM",
"id": "139002"
},
{
"db": "PACKETSTORM",
"id": "132835"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "132943"
},
{
"db": "PACKETSTORM",
"id": "133039"
},
{
"db": "PACKETSTORM",
"id": "132699"
},
{
"db": "PACKETSTORM",
"id": "133990"
},
{
"db": "PACKETSTORM",
"id": "132803"
},
{
"db": "PACKETSTORM",
"id": "135172"
},
{
"db": "PACKETSTORM",
"id": "133337"
},
{
"db": "PACKETSTORM",
"id": "139114"
},
{
"db": "PACKETSTORM",
"id": "132921"
},
{
"db": "PACKETSTORM",
"id": "132697"
},
{
"db": "PACKETSTORM",
"id": "132439"
},
{
"db": "PACKETSTORM",
"id": "132413"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "NVD",
"id": "CVE-2015-4000"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "75652"
},
{
"db": "PACKETSTORM",
"id": "139002"
},
{
"db": "PACKETSTORM",
"id": "132835"
},
{
"db": "PACKETSTORM",
"id": "132973"
},
{
"db": "PACKETSTORM",
"id": "132943"
},
{
"db": "PACKETSTORM",
"id": "133039"
},
{
"db": "PACKETSTORM",
"id": "132699"
},
{
"db": "PACKETSTORM",
"id": "133990"
},
{
"db": "PACKETSTORM",
"id": "132803"
},
{
"db": "PACKETSTORM",
"id": "135172"
},
{
"db": "PACKETSTORM",
"id": "133337"
},
{
"db": "PACKETSTORM",
"id": "139114"
},
{
"db": "PACKETSTORM",
"id": "132921"
},
{
"db": "PACKETSTORM",
"id": "132697"
},
{
"db": "PACKETSTORM",
"id": "132439"
},
{
"db": "PACKETSTORM",
"id": "132413"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "NVD",
"id": "CVE-2015-4000"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-09T00:00:00",
"db": "BID",
"id": "75652"
},
{
"date": "2016-10-06T20:59:47",
"db": "PACKETSTORM",
"id": "139002"
},
{
"date": "2015-07-27T15:36:14",
"db": "PACKETSTORM",
"id": "132835"
},
{
"date": "2015-08-06T10:10:00",
"db": "PACKETSTORM",
"id": "132973"
},
{
"date": "2015-08-04T17:55:43",
"db": "PACKETSTORM",
"id": "132943"
},
{
"date": "2015-08-12T19:42:09",
"db": "PACKETSTORM",
"id": "133039"
},
{
"date": "2015-07-16T17:45:50",
"db": "PACKETSTORM",
"id": "132699"
},
{
"date": "2015-10-16T01:44:08",
"db": "PACKETSTORM",
"id": "133990"
},
{
"date": "2015-07-22T22:38:54",
"db": "PACKETSTORM",
"id": "132803"
},
{
"date": "2016-01-08T15:12:14",
"db": "PACKETSTORM",
"id": "135172"
},
{
"date": "2015-08-26T23:41:29",
"db": "PACKETSTORM",
"id": "133337"
},
{
"date": "2016-10-12T20:16:45",
"db": "PACKETSTORM",
"id": "139114"
},
{
"date": "2015-08-04T01:08:37",
"db": "PACKETSTORM",
"id": "132921"
},
{
"date": "2015-07-16T17:45:29",
"db": "PACKETSTORM",
"id": "132697"
},
{
"date": "2015-06-25T14:18:03",
"db": "PACKETSTORM",
"id": "132439"
},
{
"date": "2015-06-23T14:09:34",
"db": "PACKETSTORM",
"id": "132413"
},
{
"date": "2015-06-11T12:12:12",
"db": "PACKETSTORM",
"id": "169629"
},
{
"date": "2015-05-21T00:59:00.087000",
"db": "NVD",
"id": "CVE-2015-4000"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-26T05:10:00",
"db": "BID",
"id": "75652"
},
{
"date": "2023-02-09T16:15:28.840000",
"db": "NVD",
"id": "CVE-2015-4000"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "75652"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL CVE-2015-1793 Certificate Verification Security Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "75652"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "75652"
}
],
"trust": 0.3
}
}