Vulnerabilites related to huawei - oceanstor_18800f
Vulnerability from fkie_nvd
Published
2015-04-01 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "C306035B-10B2-4BC5-B6DE-194BE343DA8E", versionEndIncluding: "3.9.0", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:*", matchCriteriaId: "D3AB62FE-AB1A-4162-8A51-E34EDE33DD85", versionEndExcluding: "9.9.2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "911FBD5E-213D-482F-81A9-C3B8CE7D903A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "EBD2676F-EE9D-4462-ABA5-C11CE726849C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6505AE29-5091-4C72-AF6B-932DEF53A8D2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "4EC475C1-A339-4C49-B6BA-A0E4D6FDF5DF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "38A45A86-3B7E-4245-B717-2A6E868BE6BE", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24EDBB8B-1AFB-498D-B78C-7BC72B8C1085", versionEndIncluding: "3.2.11", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3024389-3D4A-4E19-BE42-DAF9EA51D471", versionEndIncluding: "4.0.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*", matchCriteriaId: "85EA16E0-9261-45C4-840F-5366E9EAC5E1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "319EC0C6-94C5-494A-9C5D-DC5124DFC8E1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "A67A7B7A-998D-4B8C-8831-6E58406565FE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "807C024A-F8E8-4B48-A349-4C68CD252CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "16E6D998-B41D-4B49-9E00-8336D2E40A4A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "3ED68ADD-BBDA-4485-BC76-58F011D72311", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", matchCriteriaId: "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", matchCriteriaId: "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", matchCriteriaId: "35BBD83D-BDC7-4678-BE94-639F59281139", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*", matchCriteriaId: "67960FB9-13D1-4DEE-8158-31BF31BCBE6F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", matchCriteriaId: "2F7F8866-DEAD-44D1-AB10-21EE611AA026", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", matchCriteriaId: "1831D45A-EE6E-4220-8F8C-248B69520948", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*", matchCriteriaId: "2C9E2D37-9F56-49E0-BB28-56FB755CE078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*", matchCriteriaId: "88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*", matchCriteriaId: "D4840254-CC76-4113-BC61-360BD15582B9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9DBE3B60-DED8-4F47-A60F-410ECB873BAE", versionEndExcluding: "xcp_1121", versionStartIncluding: "xcp", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:sparc_enterprise_m3000:-:*:*:*:*:*:*:*", matchCriteriaId: "AB54B753-F066-4387-B0C3-43E647A42EBE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5BBD38A2-1B17-4B28-9FE1-6D62A6337C12", versionEndExcluding: "xcp_1121", versionStartIncluding: "xcp", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:sparc_enterprise_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "1846C0CA-AE13-435F-BF91-EEE0CC311DD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5884F45B-F822-46B9-A0DC-6B59A3C3E7E0", versionEndExcluding: "xcp_1121", versionStartIncluding: "xcp", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:sparc_enterprise_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "C2EDCD99-9677-45A7-9221-3A6A41917A7C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9ED7A13F-9510-4FA0-96A6-D2D34D49545F", versionEndExcluding: "xcp_1121", versionStartIncluding: "xcp", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:sparc_enterprise_m8000:-:*:*:*:*:*:*:*", matchCriteriaId: "9581ABD4-5ED6-4EC5-8A0B-1D7A449C10D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C4C1EC1-19BE-4E1E-8F56-47A83AD0410D", versionEndExcluding: "xcp_1121", versionStartIncluding: "xcp", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:sparc_enterprise_m9000:-:*:*:*:*:*:*:*", matchCriteriaId: "0A2CEAD6-9F8C-411C-9107-BA858CB8A31B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:e6000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "075D228F-B3F3-44A0-9C93-510E2EF7BE16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:e6000:-:*:*:*:*:*:*:*", matchCriteriaId: "1F66D29E-0B7F-45D3-BECC-21952F4A4850", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:e9000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA0AE74D-A6FC-44A1-80D4-CB5039FD31AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:e9000:-:*:*:*:*:*:*:*", matchCriteriaId: "741F1B4C-D77D-416F-B6D9-0359F391D96F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_18500_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "929D8B7A-4535-49EA-9DD6-AB83174337AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_18500:-:*:*:*:*:*:*:*", matchCriteriaId: "B7AAE27E-EB13-43E2-A7F4-7973977AD936", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_18800_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E00020C-C1FB-425B-B285-BCF7450F76B0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_18800:-:*:*:*:*:*:*:*", matchCriteriaId: "B196FDFF-8A1D-4E7D-895A-1D09ADACC396", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_18800f_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "47CA0343-7F2A-45BE-B7A2-8F91F31C0912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_18800f:-:*:*:*:*:*:*:*", matchCriteriaId: "4E675B6C-C847-486F-8946-F98E271E1DC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_9000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "45D279CD-1344-4200-B4DF-303739323D19", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "AEC54023-CF84-4095-A3E8-2D6E334768E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_cse_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4D5F81B5-BD6E-4B10-8EB9-AE0929E3DCE6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_cse:-:*:*:*:*:*:*:*", matchCriteriaId: "7E9846D2-4A8C-421E-8FE0-F6091DD2B30E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C2453CC3-FDD3-4C42-9D17-C231DA2D1F41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_hvs85t:-:*:*:*:*:*:*:*", matchCriteriaId: "675CCB4F-BB76-45DC-9E6E-3BD279995084", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_s2600t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD74E7B-DB83-44DF-9A0B-D2EFF346855A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_s2600t:-:*:*:*:*:*:*:*", matchCriteriaId: "5FFC0113-86D7-45B1-975F-B24AF1951C4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_s5500t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6E3E931B-BD89-48D1-BE5F-0BDBF78914C0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_s5500t:-:*:*:*:*:*:*:*", matchCriteriaId: "F36770F0-2E40-42FF-BD7B-7AE2C84E62A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_s5600t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "63E1D8ED-A4EC-46B4-A0C0-8F46262F1D2F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_s5600t:-:*:*:*:*:*:*:*", matchCriteriaId: "6830C365-357D-41A3-8AA7-3B4854260762", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_s5800t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7A307235-4B7B-40EE-807A-9C8FFD8DF72C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_s5800t:-:*:*:*:*:*:*:*", matchCriteriaId: "866A8777-DB2A-4915-8DA6-1AF751742354", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_s6800t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "488319BB-6D39-4AA5-85A8-840EF46227F4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_s6800t:-:*:*:*:*:*:*:*", matchCriteriaId: "C1F50E5B-8733-43AB-B6CF-66AC7305E2DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_vis6600t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0BC3C090-EB04-4A0D-8644-51002CF2ABF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_vis6600t:-:*:*:*:*:*:*:*", matchCriteriaId: "4D0988C3-BAE5-4B5A-92FC-9D275B4DE9F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:quidway_s9300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4F01C05D-6937-4FAD-A0E1-6168EE1D7CE4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:quidway_s9300:-:*:*:*:*:*:*:*", matchCriteriaId: "2E756FE8-F106-4BFD-B33B-CC198363D2FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CF102265-497A-4766-80C8-323D511B4EAF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*", matchCriteriaId: "8769C2C4-E333-432B-8943-CFDFAE013379", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CF102265-497A-4766-80C8-323D511B4EAF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*", matchCriteriaId: "8769C2C4-E333-432B-8943-CFDFAE013379", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4A3C463F-2C0B-4269-95ED-A578C01E0F55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:*", matchCriteriaId: "D2A9F6EB-8B6E-465C-B441-C4861771861E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4A3C463F-2C0B-4269-95ED-A578C01E0F55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:*", matchCriteriaId: "D2A9F6EB-8B6E-465C-B441-C4861771861E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "89D69269-4251-4CE9-AD67-4968A917C1E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*", matchCriteriaId: "138C1E57-176C-46B1-9704-D9C8391CC802", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "89D69269-4251-4CE9-AD67-4968A917C1E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*", matchCriteriaId: "138C1E57-176C-46B1-9704-D9C8391CC802", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s2700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "540F0482-7F5E-4688-B282-97A6576E0A6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD2CD071-58E4-4061-8217-990453213470", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s3700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "789A2B2D-99B1-4AA5-BB39-65D58D8B59B0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s3700:-:*:*:*:*:*:*:*", matchCriteriaId: "B7F84390-E120-406B-967D-B473EB110EA9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5700ei_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B9FD39BD-0D24-4C1E-969C-C9509AE8A0D8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5700ei:-:*:*:*:*:*:*:*", matchCriteriaId: "1B0BE6C3-1FB2-4718-AA9D-1A8D8663C195", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5700hi_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "409A4E21-B8D8-445F-A9C4-3CDA73189CA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5700hi:-:*:*:*:*:*:*:*", matchCriteriaId: "ED775342-B93C-4DF9-BC62-B6BE549F1B29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5700si_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "31FB20E5-4830-411C-AE4B-6B2E180C0972", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5700si:-:*:*:*:*:*:*:*", matchCriteriaId: "24C4DC87-DE8C-461F-A555-F6E9A71C1C48", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5710ei_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "95E7ABCB-D0C0-4C18-A7AC-8C1EBD5E4E87", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5710ei:-:*:*:*:*:*:*:*", matchCriteriaId: "A2D59F3D-CC4A-4ADD-B83C-5CE3F0546622", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5710hi_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "065508F6-D026-4C99-B6F9-AE25CB1124D3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5710hi:-:*:*:*:*:*:*:*", matchCriteriaId: "4DFF0F26-CDF2-49B0-AED7-EEA4B9E99E8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s6700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86E35CBD-4488-4E64-BEA2-A2E89A4BB9E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*", matchCriteriaId: "DA7AC10D-B0DD-4206-8642-134DDD585C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A0C6E3C4-5677-49B6-9D35-FAC2E550F311", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*", matchCriteriaId: "B7859972-B7B8-4619-AAED-22B6B14852BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1755FB01-C830-4147-B0BF-7D422A7D2181", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:*", matchCriteriaId: "21B89917-2B3D-4BA5-8836-ADEECF46E976", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DF808C1-3081-4FC7-8661-FBF6A04761B6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:*", matchCriteriaId: "86FFC3BE-77A0-4202-9AE0-06D8D67F6539", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8A960DA7-8B35-43B3-B15F-F3F7E14BF308", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:*", matchCriteriaId: "CB64BC36-693E-4101-9C13-4A4C572A4EDE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A0C6E3C4-5677-49B6-9D35-FAC2E550F311", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*", matchCriteriaId: "B7859972-B7B8-4619-AAED-22B6B14852BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1755FB01-C830-4147-B0BF-7D422A7D2181", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:*", matchCriteriaId: "21B89917-2B3D-4BA5-8836-ADEECF46E976", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DF808C1-3081-4FC7-8661-FBF6A04761B6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:*", matchCriteriaId: "86FFC3BE-77A0-4202-9AE0-06D8D67F6539", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8A960DA7-8B35-43B3-B15F-F3F7E14BF308", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:*", matchCriteriaId: "CB64BC36-693E-4101-9C13-4A4C572A4EDE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:s5720ei_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6A799E13-49E1-4CFB-BB7D-5E528C7E0FE3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s5720ei:-:*:*:*:*:*:*:*", matchCriteriaId: "D7B06975-BD37-452D-9782-B768610D3777", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:te60_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D65BF93A-9246-48CB-8510-F6B0380F48D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*", matchCriteriaId: "999117E9-90C8-4E76-90B5-7D364C0B84BF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:huawei:oceanstor_replicationdirector:v100r003c00:*:*:*:*:*:*:*", matchCriteriaId: "0A0D7527-BCA2-4CF5-A793-1C01F6570679", vulnerable: true, }, { criteria: "cpe:2.3:a:huawei:policy_center:v100r003c00:*:*:*:*:*:*:*", matchCriteriaId: "95CA0A4C-2571-4593-A075-9A6A7EABBB33", vulnerable: true, }, { criteria: "cpe:2.3:a:huawei:policy_center:v100r003c10:*:*:*:*:*:*:*", matchCriteriaId: "16D46E9E-7F34-49C4-B56F-9090157FAD6E", vulnerable: true, }, { criteria: "cpe:2.3:a:huawei:smc2.0:v100r002c01:*:*:*:*:*:*:*", matchCriteriaId: "8D6E37DD-6CEA-443A-80C2-79E28C78D7CF", vulnerable: true, }, { criteria: "cpe:2.3:a:huawei:smc2.0:v100r002c02:*:*:*:*:*:*:*", matchCriteriaId: "BE1A9027-21FC-45E0-98B2-BFB8B5BE484D", vulnerable: true, }, { criteria: "cpe:2.3:a:huawei:smc2.0:v100r002c03:*:*:*:*:*:*:*", matchCriteriaId: "EC8620BB-7730-4C8F-8B4B-21389636B3C8", vulnerable: true, }, { criteria: "cpe:2.3:a:huawei:smc2.0:v100r002c04:*:*:*:*:*:*:*", matchCriteriaId: "D971D78C-A6F3-438D-A292-54A9A226FFE9", vulnerable: true, }, { criteria: "cpe:2.3:a:huawei:ultravr:v100r003c00:*:*:*:*:*:*:*", matchCriteriaId: "648D923E-BF31-4DF4-B160-66874A8E45AF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ibm:cognos_metrics_manager:10.1:*:*:*:*:*:*:*", matchCriteriaId: "23F3243D-14BB-45F4-BBF6-DD45B8729B6B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:cognos_metrics_manager:10.1.1:*:*:*:*:*:*:*", matchCriteriaId: "97449883-5401-42C0-8FF1-6A5BEC7BC829", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:cognos_metrics_manager:10.2:*:*:*:*:*:*:*", matchCriteriaId: "2B2DDB90-C6A1-4EE5-96F2-F0A33B2F79A9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:cognos_metrics_manager:10.2.1:*:*:*:*:*:*:*", matchCriteriaId: "E43C2590-059B-43BE-BFD1-7B0D1020D324", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:cognos_metrics_manager:10.2.2:*:*:*:*:*:*:*", matchCriteriaId: "379CF92E-AFD1-4744-AC07-6A495548F121", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue.", }, { lang: "es", value: "El algoritmo RC4, utilizado en el protocolo TLS y el protocolo SSL, no combina correctamente los datos de estados con los datos de claves durante la fase de inicialización, lo que facilita a atacantes remotos realizar ataques de recuperación de texto claro contra los bytes iniciales de un flujo mediante la captura de trafico de la red que ocasionalmente depende de claves afectadas por la debilidad de la invariabilidad (Invariance Weakness), y posteriormente utilizar un acercamiento de fuerza bruta que involucra valores LSB, también conocido como el problema de 'Bar Mitzvah'.", }, ], id: "CVE-2015-2808", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-01T02:00:35.097", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143456209711959&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143629696317098&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143741441012338&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143741441012338&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143817021313142&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143817021313142&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143817899717054&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143817899717054&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143818140118771&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143818140118771&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144043644216842&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144059660127919&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144059703728085&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144060576831314&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144060606031437&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144069189622016&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144102017024820&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144104533800819&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144104565600964&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1006.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1007.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1021.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1229.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1230.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1241.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1242.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1243.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1526.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21883640", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-304.ibm.com/support/docview.wss?uid=swg21903565", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960015", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960769", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3316", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3339", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/hw-454055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/73684", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91787", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032599", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032600", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032707", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032708", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032734", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032788", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032858", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032868", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032910", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032990", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033071", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033072", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033386", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033415", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033431", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033432", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033737", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033769", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036222", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2696-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2706-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.juniper.net/JSA10783", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10163", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201512-10", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf", }, { source: "cve@mitre.org", url: "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143456209711959&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143629696317098&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143741441012338&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143741441012338&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143817021313142&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143817021313142&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143817899717054&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143817899717054&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143818140118771&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143818140118771&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144043644216842&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144059660127919&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144059703728085&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144060576831314&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144060606031437&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144069189622016&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144102017024820&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144104533800819&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144104565600964&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1229.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1230.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1242.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1243.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1526.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21883640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-304.ibm.com/support/docview.wss?uid=swg21903565", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960769", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3316", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3339", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/hw-454055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/73684", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032599", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032600", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032707", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032734", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032788", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032868", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032910", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032990", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033071", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033072", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033386", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033737", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033769", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036222", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2696-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2706-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.juniper.net/JSA10783", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201512-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-327", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-16 19:29
Modified
2025-04-07 18:22
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
References
Impacted products
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Microsoft Remote Desktop Services Remote Code Execution Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", matchCriteriaId: "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", matchCriteriaId: "5F422A8C-2C4E-42C8-B420-E0728037E15C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", matchCriteriaId: "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:axiom_multix_m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EB36445-3462-4398-84F9-1387A7436FC7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:axiom_multix_m:-:*:*:*:*:*:*:*", matchCriteriaId: "66829DE2-25D6-4FF5-B1AA-6637AE053ACE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:axiom_vertix_md_trauma_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "733840A0-5D17-4D92-BB45-357E39CC9190", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:axiom_vertix_md_trauma:-:*:*:*:*:*:*:*", matchCriteriaId: "4FAFB504-D8F4-4589-9D25-616CB38BF257", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:axiom_vertix_solitaire_m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A9B1B857-3051-4312-A997-99570D567D74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:axiom_vertix_solitaire_m:-:*:*:*:*:*:*:*", matchCriteriaId: "86974C5C-C4A4-4109-B5DC-85D4F01E94D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:mobilett_xp_digital_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7392294B-487E-4B31-B6A5-560C4F547338", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:mobilett_xp_digital:-:*:*:*:*:*:*:*", matchCriteriaId: "DC524FD4-B53D-4E22-A9A9-33EB73811CF3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_pro_acss_p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCB111CF-1760-45FE-A005-68965EEB9034", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_pro_acss_p:-:*:*:*:*:*:*:*", matchCriteriaId: "46335917-7477-47B9-9D03-079D0AFD6121", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_pro_p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72E96638-0DE1-4370-B0FC-8E418BD74C71", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_pro_p:-:*:*:*:*:*:*:*", matchCriteriaId: "6B9E130C-EB9B-46F2-A67A-1CB22F67E3CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5FE644ED-DFE9-4F11-9C8B-E5EA6CF6BA1E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "1C221669-D976-4C2B-8634-2FB0583F27A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_pro_acss_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4AA78BA8-8443-441D-B629-5F5652296566", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_pro_acss:-:*:*:*:*:*:*:*", matchCriteriaId: "F39B002A-3FCC-4F73-8BEA-575BD000C49F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_pro_navy_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2B6D8DF-5F9B-469E-B8F1-D59021B5D1A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_pro_navy:-:*:*:*:*:*:*:*", matchCriteriaId: "284692FE-2298-43F8-B59E-F86BA2453146", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_swing_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DAD4D073-FA45-4D28-BF69-0A706C61BA32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_swing:-:*:*:*:*:*:*:*", matchCriteriaId: "69644600-D356-45A7-9E8B-91458255C252", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_top_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9AFC6443-6826-4C1F-95D7-621EA0C5B547", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_top:-:*:*:*:*:*:*:*", matchCriteriaId: "29DFEA58-1949-41EF-AF8A-A01E2BD64ABE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_top_acss_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "98E0BDAE-DA78-439B-8368-E861BAB682EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_top_acss:-:*:*:*:*:*:*:*", matchCriteriaId: "68111C12-7DD9-4DB3-AC80-B95A5A063A09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_top_p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B92FD292-31EB-448B-BD86-8D14A758A254", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_top_p:-:*:*:*:*:*:*:*", matchCriteriaId: "161AD776-6029-43EA-BDDA-FC8357699C33", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:multix_top_acss_p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE3A3B2B-D371-49D4-B7C1-A00595282EC2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:multix_top_acss_p:-:*:*:*:*:*:*:*", matchCriteriaId: "610660AA-0AA6-434E-B824-80AE565570B7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:vertix_solitaire_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D1282797-1448-4B11-825F-49863AD4BDC4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:vertix_solitaire:-:*:*:*:*:*:*:*", matchCriteriaId: "3A4A8BC9-0249-45EB-91D7-1B57491F4951", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:atellica_solution_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32E9780A-0015-4245-9CAE-D7573D8C4268", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:atellica_solution:-:*:*:*:*:*:*:*", matchCriteriaId: "7B264A65-9109-4629-8F20-1DD6728FAD7F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:aptio_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "502E501A-78A0-4074-BC7D-7BAFE4386337", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:aptio:-:*:*:*:*:*:*:*", matchCriteriaId: "3D8C9706-43E8-48E5-913C-FE0FDEEB489F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:streamlab_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "195AD327-F323-4902-9CDB-4C7C1B3D1F3F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:streamlab:-:*:*:*:*:*:*:*", matchCriteriaId: "BD03E0CF-4707-4C95-8703-264429D52996", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:centralink_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D56D3C8-5731-4EE2-B79B-BB74163E3D62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:centralink:-:*:*:*:*:*:*:*", matchCriteriaId: "500986D3-3A08-46C4-9482-88CFA6ED61B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:viva_e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE2405D2-7048-4541-9526-AA2B88D2A38B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:viva_e:-:*:*:*:*:*:*:*", matchCriteriaId: "745742F2-A291-470B-8EB1-482A23873737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:viva_twin_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D64A2198-C839-43A8-BFEB-D575B372DD7F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:viva_twin:-:*:*:*:*:*:*:*", matchCriteriaId: "BA780EE3-B6AB-4393-9997-D09CBB433C51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:syngo_lab_process_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B232D046-AD22-445F-8EE0-EED30BCA9DAD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:rapidpoint_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFF1E341-5481-494A-BAFF-E080E39C9DA7", versionEndIncluding: "2.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:rapidpoint_500:-:*:*:*:*:*:*:*", matchCriteriaId: "9A4806F5-0292-45BA-96B9-422958D0CB0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:lantis_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B8CA8D2-1BA4-4B58-969D-DBA7F72DA755", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:lantis:-:*:*:*:*:*:*:*", matchCriteriaId: "06FF378C-EAAD-4808-9246-010AC0A17E90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:agile_controller-campus_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "A6B574A3-5FCD-4F3E-932D-10334180F4F0", vulnerable: true, }, { criteria: "cpe:2.3:o:huawei:agile_controller-campus_firmware:v100r002c10:*:*:*:*:*:*:*", matchCriteriaId: "81635D07-BFBF-4485-B4CF-9C05620DB447", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:agile_controller-campus:-:*:*:*:*:*:*:*", matchCriteriaId: "592559FB-7551-4327-9ECE-9325F4173C85", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bh620_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "DAAA4664-EB38-4693-88AD-F226D7A07C93", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bh620_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "95D21222-A1F6-4312-B833-6576F75820C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bh621_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "FC40CC46-D679-42F8-B2C2-FF3EDA28BCF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bh621_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "11D61715-5074-41EC-A50F-5C347D85266F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bh622_v2_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "617A06EA-67C0-4714-B8D8-2602E0E34029", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bh622_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6E191F04-E8BE-4D73-89D0-42C2DB288C4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bh640_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "93792886-51EE-4172-ACED-F195F0556A98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bh640_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "EFBB2CA0-7556-42E8-B7C7-57F1C6477CFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ch121_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "668E5527-0E2F-40CD-8857-B720A6C9B802", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ch121:-:*:*:*:*:*:*:*", matchCriteriaId: "AA223DE5-F37C-4451-96A9-9DFA479591AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ch140_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "8D7D565C-DC70-4978-BF91-79DD99FA347C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ch140:-:*:*:*:*:*:*:*", matchCriteriaId: "8DB768F1-FA54-4043-B538-31783D941CC9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ch220_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "E7D7D307-43F7-43AD-AA2E-F0DB66F7F9D1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ch220:-:*:*:*:*:*:*:*", matchCriteriaId: "ED03ED73-8B5C-4369-8F3A-68497718B488", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ch221_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "685452C8-9B87-4FBC-9E27-0DF5F2B44807", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ch221:-:*:*:*:*:*:*:*", matchCriteriaId: "211005F7-2DAA-40EC-9B92-D2E866052E84", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ch222_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "E41FE7C8-77B4-4EC7-83C3-F587BDC8A18D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ch222:-:*:*:*:*:*:*:*", matchCriteriaId: "21FB1E88-3CB4-48FE-9F52-AA12D40DB944", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ch240_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "7BC1DD2F-DE32-4EA6-9539-792FCBDEF20D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ch240:-:*:*:*:*:*:*:*", matchCriteriaId: "74027C23-3637-4ABE-A697-B20FD7B94162", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ch242_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "6185FD57-FE4F-43E2-A3EA-3AA5A299A05D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ch242:-:*:*:*:*:*:*:*", matchCriteriaId: "CE8DA951-047B-4A88-A851-9663F2EC2CEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ch242_v3_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "563AC0A9-568C-4010-9142-28C88349B587", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ch242_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "D2637E43-1937-4320-AAF4-3770C332B66E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:e6000_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "774E8CD3-3E77-41EB-ABC9-CE885CC90FA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:e6000:-:*:*:*:*:*:*:*", matchCriteriaId: "1F66D29E-0B7F-45D3-BECC-21952F4A4850", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:e6000_chassis_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "3057065D-9D25-4BE2-8392-48405063E821", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:e6000_chassis:-:*:*:*:*:*:*:*", matchCriteriaId: "748D3A0F-12FA-4755-969B-45D7B3D55147", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:gtsoftx3000_firmware:v200r001c01spc100:*:*:*:*:*:*:*", matchCriteriaId: "14C6D34F-BFE4-420C-B496-E4D82783ED7B", vulnerable: true, }, { criteria: "cpe:2.3:o:huawei:gtsoftx3000_firmware:v200r002c00spc300:*:*:*:*:*:*:*", matchCriteriaId: "8F646FC2-3A77-4971-BACC-D0CA7B9379DE", vulnerable: true, }, { criteria: "cpe:2.3:o:huawei:gtsoftx3000_firmware:v200r002c10spc100:*:*:*:*:*:*:*", matchCriteriaId: "C98EEDBC-42C6-4896-83A5-8EE175F4710C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:gtsoftx3000:-:*:*:*:*:*:*:*", matchCriteriaId: "43C5827F-092C-4A94-A907-F653A55C280D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_18500_firmware:v100r001c30spc300:*:*:*:*:*:*:*", matchCriteriaId: "22D7738B-B2B1-423C-A7C6-A73280F085C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_18500:-:*:*:*:*:*:*:*", matchCriteriaId: "B7AAE27E-EB13-43E2-A7F4-7973977AD936", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c30spc300:*:*:*:*:*:*:*", matchCriteriaId: "5B908D26-6C4F-4955-A284-39C4C338AEBF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_18800:-:*:*:*:*:*:*:*", matchCriteriaId: "B196FDFF-8A1D-4E7D-895A-1D09ADACC396", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_18800f_firmware:v100r001c30spc300:*:*:*:*:*:*:*", matchCriteriaId: "C46963C2-0175-4933-A2A1-4CFBA3FF4586", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_18800f:-:*:*:*:*:*:*:*", matchCriteriaId: "4E675B6C-C847-486F-8946-F98E271E1DC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "6188E188-7CA7-4415-835D-738A684B7639", vulnerable: true, }, { criteria: "cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:v100r001c30spc200:*:*:*:*:*:*:*", matchCriteriaId: "981C1A1D-352D-478A-BF04-F1D9A71C86D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_hvs85t:-:*:*:*:*:*:*:*", matchCriteriaId: "675CCB4F-BB76-45DC-9E6E-3BD279995084", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:oceanstor_hvs88t_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "B9A7C688-25E6-457B-AFBF-657EDE621FFA", vulnerable: true, }, { criteria: "cpe:2.3:o:huawei:oceanstor_hvs88t_firmware:v100r001c30spc200:*:*:*:*:*:*:*", matchCriteriaId: "31EBFCDE-7FB8-4CA7-9A2E-F94DD572B48B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:oceanstor_hvs88t:-:*:*:*:*:*:*:*", matchCriteriaId: "5C3C47BF-7FAA-4A6C-BBDC-CC8D28CCA611", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh1288_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "9AA159F6-CE6C-4EC9-9166-718780F752CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh1288_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "F24DF092-9867-4381-BDFB-5AB7116DEFD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh1288a_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "BE3450A4-4C1A-4125-8B18-3961D69D6F0B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh1288a_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "A7E91ACB-82D0-4A4E-9157-5142A26E577A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh2265_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "485D4E2A-7697-40CD-92E4-0B93CB898DD3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh2265_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "D3860458-155E-47F6-A37E-730DE7A363DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh2268_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "1E293DFF-1C3F-4180-895D-E7BC4A14FB93", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh2268_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C2FB1E-2569-4AB9-95A2-DCD4AC8C7D1D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh2285_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "97C57B46-9085-458A-8A5B-A6F74E00F4D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh2285_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "38DF8C15-4086-4F70-BCD2-BDB91900C80A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh2285h_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "449982CF-3F17-473D-9B58-3E1076B1CF1F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh2285h_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "275A2FCA-8E0A-4EFA-907B-4F6E3E954372", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh2288_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "377CAD92-7563-43D9-92A3-C05B149F65E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh2288_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9E1F1478-2D24-42D5-8401-3D6BAB20A7F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh2288a_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "A522BFBE-69E6-4DF8-83D3-27564AF88C6B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh2288a_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "E3CB6AA6-2424-41B2-92A7-81E788DB8396", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh2288e_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "AE64C9F3-EEEF-44CB-8C3B-0969D2A76C81", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh2288e_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "7A446D94-F39F-461D-B935-02C87058D0AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh2288h_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "56D5E59C-5824-463B-8121-57E3689DD1C0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh2288h_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "908E0834-8E5D-43EF-A604-AAFCA6E69767", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh2485_v2_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "5AFBF820-E15D-4E7F-AD44-D4AE5EF208FB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh2485_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2D2E8A9D-7BC5-40D2-B85B-61D753A4D88B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh5885_v2_firmware:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "525FAA8B-734F-4B0D-8E32-9066CF9D939F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh5885_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "43C7EEF7-1AF2-41D8-98A6-0237524B76C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:rh5885_v3_firmware:v100r003c00:*:*:*:*:*:*:*", matchCriteriaId: "779C3401-3A97-4DFE-AD0B-E8B2A48AA04A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:rh5885_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "3C3BAFB9-A7C7-4199-89B2-587D650762C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:smc2.0_firmware:v500r002c00:*:*:*:*:*:*:*", matchCriteriaId: "B9E7481E-B5B8-481C-AC35-A8029AA2DF7A", vulnerable: true, }, { criteria: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00:*:*:*:*:*:*:*", matchCriteriaId: "60E7CCC4-60A8-48FA-A9EA-7A327B3A29B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*", matchCriteriaId: "FDBEFFB4-9742-48CC-BBA6-E5DCA281B343", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:seco_vsm_firmware:v200r002c00:*:*:*:*:*:*:*", matchCriteriaId: "2A756B3A-BD91-4857-869B-AF435E66BAD3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:seco_vsm:-:*:*:*:*:*:*:*", matchCriteriaId: "EB7EBA07-D6A7-4C45-8C57-84E2549A4CFE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:uma_firmware:v200r001c00:*:*:*:*:*:*:*", matchCriteriaId: "207D80F3-6DB4-4BDE-AE72-38BAF4EE2B67", vulnerable: true, }, { criteria: "cpe:2.3:o:huawei:uma_firmware:v300r001c00:*:*:*:*:*:*:*", matchCriteriaId: "429F7534-D2A9-4275-9333-0786F315037E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:uma:-:*:*:*:*:*:*:*", matchCriteriaId: "E1940680-0927-4E56-83E3-3525797978B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:x6000_firmware:v100r002c00:*:*:*:*:*:*:*", matchCriteriaId: "FF613F6D-DBC7-4A35-9A8D-B948FB3C84F9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:x6000:-:*:*:*:*:*:*:*", matchCriteriaId: "24BB4E74-B9A6-4C2C-AB61-A4028CDFF614", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:x8000_firmware:v100r002c20:*:*:*:*:*:*:*", matchCriteriaId: "48CBF1C9-1DA3-4B3C-AB00-42F41248B074", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:x8000:-:*:*:*:*:*:*:*", matchCriteriaId: "02CCB6E7-0BF2-4762-BDD6-0F68B087CBF8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:elog_firmware:v200r003c10:*:*:*:*:*:*:*", matchCriteriaId: "C3A696C2-836C-441C-875D-9D68F2DE25B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:elog:-:*:*:*:*:*:*:*", matchCriteriaId: "C34C1766-B15E-4C73-AE28-F22D9296DF20", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:espace_ecs_firmware:v300r001c00:*:*:*:*:*:*:*", matchCriteriaId: "95140BB8-911D-4F19-8C6E-DCD6FA2298AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:espace_ecs:-:*:*:*:*:*:*:*", matchCriteriaId: "A924CA6B-C4BB-4340-BF27-B0EE4B72F9A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.", }, { lang: "es", value: "Existe una vulnerabilidad de ejecución remota de código en Remote Desktop Services, anteriormente conocido como Terminal Services, cuando un atacante no autenticado se conecta al sistema de destino mediante RDP y envía peticiones especialmente diseñadas, conocida como 'Remote Desktop Services Remote Code Execution Vulnerability'.", }, ], id: "CVE-2019-0708", lastModified: "2025-04-07T18:22:06.710", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2019-05-16T19:29:00.427", references: [ { source: "secure@microsoft.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html", }, { source: "secure@microsoft.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html", }, { source: "secure@microsoft.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html", }, { source: "secure@microsoft.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf", }, { source: "secure@microsoft.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708", }, ], sourceIdentifier: "secure@microsoft.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
CVE-2015-2808 (GCVE-0-2015-2808)
Vulnerability from cvelistv5
Published
2015-04-01 00:00
Modified
2024-08-06 05:24
Severity ?
EPSS score ?
Summary
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:24:38.828Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SSRT102127", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143818140118771&w=2", }, { name: "RHSA-2015:1243", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1243.html", }, { name: "RHSA-2015:1007", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1007.html", }, { name: "HPSBGN03367", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143817899717054&w=2", }, { name: "HPSBUX03512", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "RHSA-2015:1006", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1006.html", }, { tags: [ "x_transferred", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256", }, { tags: [ "x_transferred", ], url: "https://kb.juniper.net/JSA10783", }, { name: "1033737", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1033737", }, { name: "SUSE-SU-2015:2192", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html", }, { name: "HPSBGN03399", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144060576831314&w=2", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "1036222", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1036222", }, { tags: [ "x_transferred", ], url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", }, { name: "SSRT102129", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143817899717054&w=2", }, { tags: [ "x_transferred", ], url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960769", }, { name: "GLSA-201512-10", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201512-10", }, { name: "RHSA-2015:1229", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1229.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650", }, { name: "1032600", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032600", }, { name: "1032910", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032910", }, { name: "USN-2706-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2706-1", }, { name: "RHSA-2015:1526", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1526.html", }, { name: "SSRT102133", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143817021313142&w=2", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "1032599", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032599", }, { name: "HPSBMU03401", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144104533800819&w=2", }, { tags: [ "x_transferred", ], url: "http://www-304.ibm.com/support/docview.wss?uid=swg21903565", }, { tags: [ "x_transferred", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380", }, { tags: [ "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10163", }, { name: "HPSBMU03345", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144043644216842&w=2", }, { name: "1032734", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032734", }, { name: "IV71892", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347", }, { name: "1033769", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1033769", }, { name: "1032707", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032707", }, { name: "openSUSE-SU-2015:1289", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html", }, { name: "HPSBGN03372", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143817021313142&w=2", }, { name: "RHSA-2015:1091", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1091.html", }, { name: "HPSBGN03402", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144069189622016&w=2", }, { name: "IV71888", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888", }, { name: "RHSA-2015:1228", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html", }, { name: "HPSBGN03405", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144060606031437&w=2", }, { name: "1032708", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032708", }, { tags: [ "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/hw-454055", }, { name: "DSA-3316", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3316", }, { name: "SUSE-SU-2015:2166", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "1033415", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1033415", }, { tags: [ "x_transferred", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", }, { name: "HPSBGN03366", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143818140118771&w=2", }, { tags: [ "x_transferred", ], url: "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709", }, { name: "HPSBGN03403", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144104565600964&w=2", }, { name: "SSRT102254", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2", }, { tags: [ "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21883640", }, { name: "HPSBGN03407", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144102017024820&w=2", }, { name: "1033432", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1033432", }, { name: "HPSBGN03354", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143629696317098&w=2", }, { name: "SUSE-SU-2015:1138", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html", }, { name: "1032858", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032858", }, { name: "SSRT102073", tags: [ "vendor-advisory", "x_transferred", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922", }, { name: "1032788", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032788", }, { name: "USN-2696-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2696-1", }, { tags: [ "x_transferred", ], url: "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf", }, { name: "DSA-3339", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3339", }, { name: "RHSA-2015:1020", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1020.html", }, { name: "RHSA-2015:1242", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1242.html", }, { tags: [ "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727", }, { tags: [ "x_transferred", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241", }, { name: "SUSE-SU-2015:1086", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html", }, { name: "1033431", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1033431", }, { tags: [ "x_transferred", ], url: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988", }, { name: "1032868", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032868", }, { name: "HPSBGN03415", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144059703728085&w=2", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { name: "91787", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "SUSE-SU-2015:1319", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html", }, { name: "SUSE-SU-2015:1320", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html", }, { name: "openSUSE-SU-2015:1288", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html", }, { name: "RHSA-2015:1241", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1241.html", }, { tags: [ "x_transferred", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140", }, { tags: [ "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", }, { name: "RHSA-2015:1230", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1230.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888", }, { name: "HPSBGN03338", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143456209711959&w=2", }, { name: "1033386", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1033386", }, { name: "HPSBMU03377", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143741441012338&w=2", }, { name: "1033072", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1033072", }, { name: "SSRT102150", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143741441012338&w=2", }, { tags: [ "x_transferred", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789", }, { name: "SUSE-SU-2015:1085", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html", }, { tags: [ "x_transferred", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119", }, { name: "RHSA-2015:1021", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1021.html", }, { tags: [ "x_transferred", ], url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960015", }, { name: "SUSE-SU-2015:1073", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935", }, { name: "SUSE-SU-2015:1161", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html", }, { name: "HPSBGN03414", tags: [ "vendor-advisory", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144059660127919&w=2", }, { name: "73684", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/73684", }, { name: "1032990", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1032990", }, { name: "1033071", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1033071", }, { name: "SUSE-SU-2016:0113", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html", }, { tags: [ "x_transferred", ], url: "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-26T00:00:00", descriptions: [ { lang: "en", value: "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-07T16:46:59.848306", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SSRT102127", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143818140118771&w=2", }, { name: "RHSA-2015:1243", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1243.html", }, { name: "RHSA-2015:1007", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1007.html", }, { name: "HPSBGN03367", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143817899717054&w=2", }, { name: "HPSBUX03512", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2", }, { url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "RHSA-2015:1006", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1006.html", }, { url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256", }, { url: "https://kb.juniper.net/JSA10783", }, { name: "1033737", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1033737", }, { name: "SUSE-SU-2015:2192", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html", }, { name: "HPSBGN03399", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144060576831314&w=2", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "1036222", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1036222", }, { url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", }, { name: "SSRT102129", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143817899717054&w=2", }, { url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960769", }, { name: "GLSA-201512-10", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201512-10", }, { name: "RHSA-2015:1229", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1229.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650", }, { name: "1032600", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032600", }, { name: "1032910", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032910", }, { name: "USN-2706-1", tags: [ "vendor-advisory", ], url: "http://www.ubuntu.com/usn/USN-2706-1", }, { name: "RHSA-2015:1526", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1526.html", }, { name: "SSRT102133", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143817021313142&w=2", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "1032599", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032599", }, { name: "HPSBMU03401", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144104533800819&w=2", }, { url: "http://www-304.ibm.com/support/docview.wss?uid=swg21903565", }, { url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380", }, { url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10163", }, { name: "HPSBMU03345", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144043644216842&w=2", }, { name: "1032734", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032734", }, { name: "IV71892", tags: [ "vendor-advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347", }, { name: "1033769", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1033769", }, { name: "1032707", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032707", }, { name: "openSUSE-SU-2015:1289", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html", }, { name: "HPSBGN03372", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143817021313142&w=2", }, { name: "RHSA-2015:1091", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1091.html", }, { name: "HPSBGN03402", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144069189622016&w=2", }, { name: "IV71888", tags: [ "vendor-advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888", }, { name: "RHSA-2015:1228", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html", }, { name: "HPSBGN03405", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144060606031437&w=2", }, { name: "1032708", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032708", }, { url: "http://www.huawei.com/en/psirt/security-advisories/hw-454055", }, { name: "DSA-3316", tags: [ "vendor-advisory", ], url: "http://www.debian.org/security/2015/dsa-3316", }, { name: "SUSE-SU-2015:2166", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "1033415", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1033415", }, { url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", }, { name: "HPSBGN03366", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143818140118771&w=2", }, { url: "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709", }, { name: "HPSBGN03403", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144104565600964&w=2", }, { name: "SSRT102254", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2", }, { url: "http://www-01.ibm.com/support/docview.wss?uid=swg21883640", }, { name: "HPSBGN03407", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144102017024820&w=2", }, { name: "1033432", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1033432", }, { name: "HPSBGN03354", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143629696317098&w=2", }, { name: "SUSE-SU-2015:1138", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html", }, { name: "1032858", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032858", }, { name: "SSRT102073", tags: [ "vendor-advisory", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922", }, { name: "1032788", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032788", }, { name: "USN-2696-1", tags: [ "vendor-advisory", ], url: "http://www.ubuntu.com/usn/USN-2696-1", }, { url: "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf", }, { name: "DSA-3339", tags: [ "vendor-advisory", ], url: "http://www.debian.org/security/2015/dsa-3339", }, { name: "RHSA-2015:1020", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1020.html", }, { name: "RHSA-2015:1242", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1242.html", }, { url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727", }, { url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241", }, { name: "SUSE-SU-2015:1086", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html", }, { name: "1033431", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1033431", }, { url: "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988", }, { name: "1032868", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032868", }, { name: "HPSBGN03415", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144059703728085&w=2", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { name: "91787", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "SUSE-SU-2015:1319", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html", }, { name: "SUSE-SU-2015:1320", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html", }, { name: "openSUSE-SU-2015:1288", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html", }, { name: "RHSA-2015:1241", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1241.html", }, { url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140", }, { url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", }, { name: "RHSA-2015:1230", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1230.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888", }, { name: "HPSBGN03338", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143456209711959&w=2", }, { name: "1033386", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1033386", }, { name: "HPSBMU03377", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143741441012338&w=2", }, { name: "1033072", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1033072", }, { name: "SSRT102150", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=143741441012338&w=2", }, { url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789", }, { name: "SUSE-SU-2015:1085", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html", }, { url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119", }, { name: "RHSA-2015:1021", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1021.html", }, { url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960015", }, { name: "SUSE-SU-2015:1073", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935", }, { name: "SUSE-SU-2015:1161", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html", }, { name: "HPSBGN03414", tags: [ "vendor-advisory", ], url: "http://marc.info/?l=bugtraq&m=144059660127919&w=2", }, { name: "73684", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/73684", }, { name: "1032990", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1032990", }, { name: "1033071", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1033071", }, { name: "SUSE-SU-2016:0113", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html", }, { url: "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-2808", datePublished: "2015-04-01T00:00:00", dateReserved: "2015-03-31T00:00:00", dateUpdated: "2024-08-06T05:24:38.828Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-0708 (GCVE-0-2019-0708)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2025-02-07 16:28
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Windows |
Version: 7 for 32-bit Systems Service Pack 1 Version: 7 for x64-based Systems Service Pack 1 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:51:27.186Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2019-0708", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T16:17:22.676231Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2019-0708", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T16:28:16.043Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Windows", vendor: "Microsoft", versions: [ { status: "affected", version: "7 for 32-bit Systems Service Pack 1", }, { status: "affected", version: "7 for x64-based Systems Service Pack 1", }, ], }, { product: "Windows Server", vendor: "Microsoft", versions: [ { status: "affected", version: "2008 R2 for x64-based Systems Service Pack 1 (Core installation)", }, { status: "affected", version: "2008 R2 for Itanium-Based Systems Service Pack 1", }, { status: "affected", version: "2008 R2 for x64-based Systems Service Pack 1", }, { status: "affected", version: "2008 for 32-bit Systems Service Pack 2 (Core installation)", }, { status: "affected", version: "2008 for Itanium-Based Systems Service Pack 2", }, { status: "affected", version: "2008 for 32-bit Systems Service Pack 2", }, { status: "affected", version: "2008 for x64-based Systems Service Pack 2", }, { status: "affected", version: "2008 for x64-based Systems Service Pack 2 (Core installation)", }, ], }, ], descriptions: [ { lang: "en", value: "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-03T17:06:16.000Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@microsoft.com", ID: "CVE-2019-0708", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Windows", version: { version_data: [ { version_value: "7 for 32-bit Systems Service Pack 1", }, { version_value: "7 for x64-based Systems Service Pack 1", }, ], }, }, { product_name: "Windows Server", version: { version_data: [ { version_value: "2008 R2 for x64-based Systems Service Pack 1 (Core installation)", }, { version_value: "2008 R2 for Itanium-Based Systems Service Pack 1", }, { version_value: "2008 R2 for x64-based Systems Service Pack 1", }, { version_value: "2008 for 32-bit Systems Service Pack 2 (Core installation)", }, { version_value: "2008 for Itanium-Based Systems Service Pack 2", }, { version_value: "2008 for 32-bit Systems Service Pack 2", }, { version_value: "2008 for x64-based Systems Service Pack 2", }, { version_value: "2008 for x64-based Systems Service Pack 2 (Core installation)", }, ], }, }, ], }, vendor_name: "Microsoft", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Remote Code Execution", }, ], }, ], }, references: { reference_data: [ { name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708", refsource: "MISC", url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf", }, { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en", }, { name: "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en", }, { name: "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html", }, { name: "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html", }, { name: "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html", }, { name: "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html", }, { name: "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2019-0708", datePublished: "2019-05-16T18:17:00.000Z", dateReserved: "2018-11-26T00:00:00.000Z", dateUpdated: "2025-02-07T16:28:16.043Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }