All the vulnerabilites related to siemens - simatic_s7-1500t_firmware
cve-2019-6568
Vulnerability from cvelistv5
Published
2019-04-17 13:40
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1604",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1616",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 343-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 OPC UA",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.1.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF182C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF185C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF600R family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RFID 181EIP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.6.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 314C-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 315-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 315F-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 315T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 317-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 317F-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 317T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 319-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 319F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.0 SP1 UPD1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Teleservice Adapter IE Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Teleservice Adapter IE Basic",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Teleservice Adapter IE Standard",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinAC RTX 2010",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2010 SP3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinAC RTX F 2010",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2010 SP3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.1.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V4.6 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V4.7 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V4.7 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V4.8 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 HF6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V5.1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V5.1 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V4.6 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V4.7 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V4.7 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V4.8 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 HF6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V5.1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V5.1 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GH150 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GH150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 SP2 HF9"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GL150 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GL150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 SP2 HF9"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GM150 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GM150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 SP2 HF9"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 HF6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V4.6 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V4.7 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V4.7 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V4.8 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 HF6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V5.1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V5.1 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S210",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF8"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SL150 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.7 HF33"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SL150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SM120 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SM120 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 SP2 HF10"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SM150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200S IM151-8 PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200S IM151-8F PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 343-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 314C-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 315-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 315F-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 317-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 317F-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SITOP Manager",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SITOP PSU8600",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5"
}
]
},
{
"defaultStatus": "unknown",
"product": "SITOP UPS1600 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-09T11:51:03.049Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-6568",
"datePublished": "2019-04-17T13:40:24",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0160
Vulnerability from cvelistv5
Published
2014-04-07 00:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217 | ||
| http://www.securitytracker.com/id/1030077 | vdb-entry | |
| http://seclists.org/fulldisclosure/2014/Apr/90 | mailing-list | |
| http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/ | ||
| http://www.debian.org/security/2014/dsa-2896 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139774054614965&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139889113431619&w=2 | vendor-advisory | |
| http://rhn.redhat.com/errata/RHSA-2014-0396.html | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139835815211508&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=141287864628122&w=2 | vendor-advisory | |
| http://www.kb.cert.org/vuls/id/720951 | third-party-advisory | |
| http://www.splunk.com/view/SP-CAAAMB3 | ||
| http://marc.info/?l=bugtraq&m=139905295427946&w=2 | vendor-advisory | |
| http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 | ||
| http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf | ||
| http://marc.info/?l=bugtraq&m=139833395230364&w=2 | vendor-advisory | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21670161 | ||
| http://www.vmware.com/security/advisories/VMSA-2014-0012.html | ||
| http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=142660345230545&w=2 | vendor-advisory | |
| http://seclists.org/fulldisclosure/2014/Apr/109 | mailing-list | |
| http://marc.info/?l=bugtraq&m=140724451518351&w=2 | vendor-advisory | |
| http://www.securitytracker.com/id/1030080 | vdb-entry | |
| http://secunia.com/advisories/57836 | third-party-advisory | |
| http://www-01.ibm.com/support/docview.wss?uid=isg400001843 | ||
| http://marc.info/?l=bugtraq&m=139808058921905&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139758572430452&w=2 | vendor-advisory | |
| http://www.securityfocus.com/bid/66690 | vdb-entry | |
| http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf | ||
| https://filezilla-project.org/versions.php?type=server | ||
| http://marc.info/?l=bugtraq&m=139843768401936&w=2 | vendor-advisory | |
| http://secunia.com/advisories/57483 | third-party-advisory | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed | vendor-advisory | |
| http://www.kerio.com/support/kerio-control/release-history | ||
| http://advisories.mageia.org/MGASA-2014-0165.html | ||
| http://www.blackberry.com/btsc/KB35882 | ||
| http://marc.info/?l=bugtraq&m=142660345230545&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=140075368411126&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139905351928096&w=2 | vendor-advisory | |
| http://www.securitytracker.com/id/1030081 | vdb-entry | |
| http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html | vendor-advisory | |
| http://www.securityfocus.com/archive/1/534161/100/0/threaded | mailing-list | |
| http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html | vendor-advisory | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1084875 | ||
| http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html | vendor-advisory | |
| http://www-01.ibm.com/support/docview.wss?uid=isg400001841 | ||
| http://marc.info/?l=bugtraq&m=139824993005633&w=2 | vendor-advisory | |
| http://www.securitytracker.com/id/1030079 | vdb-entry | |
| http://rhn.redhat.com/errata/RHSA-2014-0377.html | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139722163017074&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139889295732144&w=2 | vendor-advisory | |
| https://code.google.com/p/mod-spdy/issues/detail?id=85 | ||
| http://marc.info/?l=bugtraq&m=139765756720506&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139774703817488&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139905202427693&w=2 | vendor-advisory | |
| http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/ | ||
| http://heartbleed.com/ | ||
| http://marc.info/?l=bugtraq&m=139817782017443&w=2 | vendor-advisory | |
| http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01 | ||
| http://marc.info/?l=bugtraq&m=140015787404650&w=2 | vendor-advisory | |
| http://cogentdatahub.com/ReleaseNotes.html | ||
| http://marc.info/?l=bugtraq&m=139869720529462&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139842151128341&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139905243827825&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139905458328378&w=2 | vendor-advisory | |
| http://www.f-secure.com/en/web/labs_global/fsc-2014-1 | ||
| http://www.us-cert.gov/ncas/alerts/TA14-098A | third-party-advisory | |
| http://secunia.com/advisories/57347 | third-party-advisory | |
| https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html | mailing-list | |
| http://seclists.org/fulldisclosure/2014/Apr/173 | mailing-list | |
| https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 | ||
| http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | ||
| http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html | ||
| https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html | ||
| http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3 | ||
| https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken | vendor-advisory | |
| http://seclists.org/fulldisclosure/2014/Dec/23 | mailing-list | |
| http://marc.info/?l=bugtraq&m=139905653828999&w=2 | vendor-advisory | |
| http://www.ubuntu.com/usn/USN-2165-1 | vendor-advisory | |
| http://rhn.redhat.com/errata/RHSA-2014-0378.html | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139757919027752&w=2 | vendor-advisory | |
| http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html | vendor-advisory | |
| http://www.exploit-db.com/exploits/32764 | exploit | |
| http://marc.info/?l=bugtraq&m=139757726426985&w=2 | vendor-advisory | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00 | ||
| http://marc.info/?l=bugtraq&m=139869891830365&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139905868529690&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139817685517037&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=140752315422991&w=2 | vendor-advisory | |
| http://seclists.org/fulldisclosure/2014/Apr/91 | mailing-list | |
| http://www.securitytracker.com/id/1030078 | vdb-entry | |
| http://secunia.com/advisories/59243 | third-party-advisory | |
| http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661 | ||
| http://marc.info/?l=bugtraq&m=139836085512508&w=2 | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139824923705461&w=2 | vendor-advisory | |
| http://rhn.redhat.com/errata/RHSA-2014-0376.html | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139835844111589&w=2 | vendor-advisory | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 | vendor-advisory | |
| https://www.cert.fi/en/reports/2014/vulnerability788210.html | ||
| http://secunia.com/advisories/57721 | third-party-advisory | |
| http://secunia.com/advisories/57968 | third-party-advisory | |
| http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/ | ||
| http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3 | ||
| http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html | vendor-advisory | |
| http://marc.info/?l=bugtraq&m=139905405728262&w=2 | vendor-advisory | |
| http://www.securitytracker.com/id/1030082 | vdb-entry | |
| http://marc.info/?l=bugtraq&m=139757819327350&w=2 | vendor-advisory | |
| http://www.exploit-db.com/exploits/32745 | exploit | |
| http://seclists.org/fulldisclosure/2014/Apr/190 | mailing-list | |
| http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/ | ||
| http://marc.info/?l=bugtraq&m=139817727317190&w=2 | vendor-advisory | |
| https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008 | ||
| http://www.openssl.org/news/secadv_20140407.txt | ||
| https://gist.github.com/chapmajs/10473815 | ||
| http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1 | ||
| http://www.securitytracker.com/id/1030074 | vdb-entry | |
| http://support.citrix.com/article/CTX140605 | ||
| http://secunia.com/advisories/59139 | third-party-advisory | |
| http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/ | ||
| http://secunia.com/advisories/57966 | third-party-advisory | |
| http://www.securitytracker.com/id/1030026 | vdb-entry | |
| http://secunia.com/advisories/59347 | third-party-advisory | |
| https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E | mailing-list | |
| https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E | mailing-list | |
| https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html | ||
| https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E | mailing-list | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf | ||
| https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E | mailing-list | |
| https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:05:39.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217"
},
{
"name": "1030077",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030077"
},
{
"name": "20140408 heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/90"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/"
},
{
"name": "DSA-2896",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2896"
},
{
"name": "HPSBGN03008",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774054614965\u0026w=2"
},
{
"name": "HPSBMU03024",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889113431619\u0026w=2"
},
{
"name": "RHSA-2014:0396",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0396.html"
},
{
"name": "HPSBHF03021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835815211508\u0026w=2"
},
{
"name": "HPSBHF03136",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141287864628122\u0026w=2"
},
{
"name": "VU#720951",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/720951"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.splunk.com/view/SP-CAAAMB3"
},
{
"name": "HPSBMU03033",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905295427946\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf"
},
{
"name": "HPSBGN03011",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139833395230364\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "openSUSE-SU-2014:0492",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html"
},
{
"name": "SSRT101846",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "20140409 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/109"
},
{
"name": "HPSBMU03037",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140724451518351\u0026w=2"
},
{
"name": "1030080",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030080"
},
{
"name": "57836",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57836"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"name": "HPSBMU03012",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139808058921905\u0026w=2"
},
{
"name": "HPSBST03001",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139758572430452\u0026w=2"
},
{
"name": "66690",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66690"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"name": "HPSBMU03023",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139843768401936\u0026w=2"
},
{
"name": "57483",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57483"
},
{
"name": "20140409 OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"tags": [
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0165.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/KB35882"
},
{
"name": "HPSBHF03293",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "HPSBMU03044",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140075368411126\u0026w=2"
},
{
"name": "HPSBMU03030",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905351928096\u0026w=2"
},
{
"name": "1030081",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030081"
},
{
"name": "FEDORA-2014-4879",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "FEDORA-2014-4910",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875"
},
{
"name": "FEDORA-2014-9308",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"name": "HPSBMU03013",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824993005633\u0026w=2"
},
{
"name": "1030079",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030079"
},
{
"name": "RHSA-2014:0377",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0377.html"
},
{
"name": "HPSBMU02995",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139722163017074\u0026w=2"
},
{
"name": "HPSBPI03031",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889295732144\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "https://code.google.com/p/mod-spdy/issues/detail?id=85"
},
{
"name": "HPSBMU02999",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139765756720506\u0026w=2"
},
{
"name": "HPSBGN03010",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774703817488\u0026w=2"
},
{
"name": "HPSBMU03029",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905202427693\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"
},
{
"tags": [
"x_transferred"
],
"url": "http://heartbleed.com/"
},
{
"name": "HPSBMU03018",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817782017443\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01"
},
{
"name": "HPSBMU03040",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140015787404650\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://cogentdatahub.com/ReleaseNotes.html"
},
{
"name": "HPSBMU03025",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869720529462\u0026w=2"
},
{
"name": "HPSBST03016",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139842151128341\u0026w=2"
},
{
"name": "HPSBMU03028",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905243827825\u0026w=2"
},
{
"name": "HPSBMU03009",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905458328378\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1"
},
{
"name": "TA14-098A",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-098A"
},
{
"name": "57347",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57347"
},
{
"name": "[syslog-ng-announce] 20140411 syslog-ng Premium Edition 5 LTS (5.0.4a) has been released",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html"
},
{
"name": "20140411 MRI Rubies may contain statically linked, vulnerable OpenSSL",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/173"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3"
},
{
"name": "HPSBST03000",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "HPSBST03004",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905653828999\u0026w=2"
},
{
"name": "USN-2165-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"name": "RHSA-2014:0378",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0378.html"
},
{
"name": "HPSBMU02997",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757919027752\u0026w=2"
},
{
"name": "SUSE-SA:2014:002",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html"
},
{
"name": "32764",
"tags": [
"exploit",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/32764"
},
{
"name": "HPSBMU02994",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757726426985\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160512_00"
},
{
"name": "HPSBMU03022",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869891830365\u0026w=2"
},
{
"name": "HPSBST03027",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905868529690\u0026w=2"
},
{
"name": "HPSBMU03019",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817685517037\u0026w=2"
},
{
"name": "HPSBMU03062",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"name": "20140408 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/91"
},
{
"name": "1030078",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030078"
},
{
"name": "59243",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/59243"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661"
},
{
"name": "HPSBMU03020",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139836085512508\u0026w=2"
},
{
"name": "HPSBST03015",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824923705461\u0026w=2"
},
{
"name": "RHSA-2014:0376",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0376.html"
},
{
"name": "HPSBPI03014",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835844111589\u0026w=2"
},
{
"name": "MDVSA-2015:062",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html"
},
{
"name": "57721",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57721"
},
{
"name": "57968",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57968"
},
{
"tags": [
"x_transferred"
],
"url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/"
},
{
"tags": [
"x_transferred"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3"
},
{
"name": "openSUSE-SU-2014:0560",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html"
},
{
"name": "HPSBMU03032",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905405728262\u0026w=2"
},
{
"name": "1030082",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030082"
},
{
"name": "HPSBMU02998",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757819327350\u0026w=2"
},
{
"name": "32745",
"tags": [
"exploit",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/32745"
},
{
"name": "20140412 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/190"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"
},
{
"name": "HPSBMU03017",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817727317190\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openssl.org/news/secadv_20140407.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/chapmajs/10473815"
},
{
"tags": [
"x_transferred"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1"
},
{
"name": "1030074",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030074"
},
{
"tags": [
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140605"
},
{
"name": "59139",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/59139"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"
},
{
"name": "57966",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57966"
},
{
"name": "1030026",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030026"
},
{
"name": "59347",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/59347"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-15T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217"
},
{
"name": "1030077",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030077"
},
{
"name": "20140408 heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/90"
},
{
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/"
},
{
"name": "DSA-2896",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2896"
},
{
"name": "HPSBGN03008",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774054614965\u0026w=2"
},
{
"name": "HPSBMU03024",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889113431619\u0026w=2"
},
{
"name": "RHSA-2014:0396",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0396.html"
},
{
"name": "HPSBHF03021",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835815211508\u0026w=2"
},
{
"name": "HPSBHF03136",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141287864628122\u0026w=2"
},
{
"name": "VU#720951",
"tags": [
"third-party-advisory"
],
"url": "http://www.kb.cert.org/vuls/id/720951"
},
{
"url": "http://www.splunk.com/view/SP-CAAAMB3"
},
{
"name": "HPSBMU03033",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905295427946\u0026w=2"
},
{
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"url": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf"
},
{
"name": "HPSBGN03011",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139833395230364\u0026w=2"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161"
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "openSUSE-SU-2014:0492",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html"
},
{
"name": "SSRT101846",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "20140409 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/109"
},
{
"name": "HPSBMU03037",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140724451518351\u0026w=2"
},
{
"name": "1030080",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030080"
},
{
"name": "57836",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57836"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"name": "HPSBMU03012",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139808058921905\u0026w=2"
},
{
"name": "HPSBST03001",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139758572430452\u0026w=2"
},
{
"name": "66690",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/66690"
},
{
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf"
},
{
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"name": "HPSBMU03023",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139843768401936\u0026w=2"
},
{
"name": "57483",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57483"
},
{
"name": "20140409 OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products",
"tags": [
"vendor-advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed"
},
{
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"url": "http://advisories.mageia.org/MGASA-2014-0165.html"
},
{
"url": "http://www.blackberry.com/btsc/KB35882"
},
{
"name": "HPSBHF03293",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "HPSBMU03044",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140075368411126\u0026w=2"
},
{
"name": "HPSBMU03030",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905351928096\u0026w=2"
},
{
"name": "1030081",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030081"
},
{
"name": "FEDORA-2014-4879",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "FEDORA-2014-4910",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875"
},
{
"name": "FEDORA-2014-9308",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"name": "HPSBMU03013",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824993005633\u0026w=2"
},
{
"name": "1030079",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030079"
},
{
"name": "RHSA-2014:0377",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0377.html"
},
{
"name": "HPSBMU02995",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139722163017074\u0026w=2"
},
{
"name": "HPSBPI03031",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889295732144\u0026w=2"
},
{
"url": "https://code.google.com/p/mod-spdy/issues/detail?id=85"
},
{
"name": "HPSBMU02999",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139765756720506\u0026w=2"
},
{
"name": "HPSBGN03010",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774703817488\u0026w=2"
},
{
"name": "HPSBMU03029",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905202427693\u0026w=2"
},
{
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"
},
{
"url": "http://heartbleed.com/"
},
{
"name": "HPSBMU03018",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817782017443\u0026w=2"
},
{
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01"
},
{
"name": "HPSBMU03040",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140015787404650\u0026w=2"
},
{
"url": "http://cogentdatahub.com/ReleaseNotes.html"
},
{
"name": "HPSBMU03025",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869720529462\u0026w=2"
},
{
"name": "HPSBST03016",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139842151128341\u0026w=2"
},
{
"name": "HPSBMU03028",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905243827825\u0026w=2"
},
{
"name": "HPSBMU03009",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905458328378\u0026w=2"
},
{
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1"
},
{
"name": "TA14-098A",
"tags": [
"third-party-advisory"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-098A"
},
{
"name": "57347",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57347"
},
{
"name": "[syslog-ng-announce] 20140411 syslog-ng Premium Edition 5 LTS (5.0.4a) has been released",
"tags": [
"mailing-list"
],
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html"
},
{
"name": "20140411 MRI Rubies may contain statically linked, vulnerable OpenSSL",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/173"
},
{
"url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html"
},
{
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html"
},
{
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3"
},
{
"name": "HPSBST03000",
"tags": [
"vendor-advisory"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "HPSBST03004",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905653828999\u0026w=2"
},
{
"name": "USN-2165-1",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"name": "RHSA-2014:0378",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0378.html"
},
{
"name": "HPSBMU02997",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757919027752\u0026w=2"
},
{
"name": "SUSE-SA:2014:002",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html"
},
{
"name": "32764",
"tags": [
"exploit"
],
"url": "http://www.exploit-db.com/exploits/32764"
},
{
"name": "HPSBMU02994",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757726426985\u0026w=2"
},
{
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160512_00"
},
{
"name": "HPSBMU03022",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869891830365\u0026w=2"
},
{
"name": "HPSBST03027",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905868529690\u0026w=2"
},
{
"name": "HPSBMU03019",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817685517037\u0026w=2"
},
{
"name": "HPSBMU03062",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"name": "20140408 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/91"
},
{
"name": "1030078",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030078"
},
{
"name": "59243",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/59243"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661"
},
{
"name": "HPSBMU03020",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139836085512508\u0026w=2"
},
{
"name": "HPSBST03015",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824923705461\u0026w=2"
},
{
"name": "RHSA-2014:0376",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0376.html"
},
{
"name": "HPSBPI03014",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835844111589\u0026w=2"
},
{
"name": "MDVSA-2015:062",
"tags": [
"vendor-advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html"
},
{
"name": "57721",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57721"
},
{
"name": "57968",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57968"
},
{
"url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/"
},
{
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3"
},
{
"name": "openSUSE-SU-2014:0560",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html"
},
{
"name": "HPSBMU03032",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905405728262\u0026w=2"
},
{
"name": "1030082",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030082"
},
{
"name": "HPSBMU02998",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757819327350\u0026w=2"
},
{
"name": "32745",
"tags": [
"exploit"
],
"url": "http://www.exploit-db.com/exploits/32745"
},
{
"name": "20140412 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/190"
},
{
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"
},
{
"name": "HPSBMU03017",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817727317190\u0026w=2"
},
{
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008"
},
{
"url": "http://www.openssl.org/news/secadv_20140407.txt"
},
{
"url": "https://gist.github.com/chapmajs/10473815"
},
{
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1"
},
{
"name": "1030074",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030074"
},
{
"url": "http://support.citrix.com/article/CTX140605"
},
{
"name": "59139",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/59139"
},
{
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"
},
{
"name": "57966",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57966"
},
{
"name": "1030026",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030026"
},
{
"name": "59347",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/59347"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"
},
{
"url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"
},
{
"url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0160",
"datePublished": "2014-04-07T00:00:00",
"dateReserved": "2013-12-03T00:00:00",
"dateUpdated": "2024-08-06T09:05:39.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-6575
Vulnerability from cvelistv5
Published
2019-04-17 13:40
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC CP 443-1 OPC UA |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC CP 443-1 OPC UA",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.7"
}
]
},
{
"product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd 4"
}
]
},
{
"product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd 4"
}
]
},
{
"product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd 4"
}
]
},
{
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1.3"
}
]
},
{
"product": "SIMATIC NET PC Software V13",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC NET PC Software V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 14"
}
]
},
{
"product": "SIMATIC NET PC Software V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.0"
}
]
},
{
"product": "SIMATIC RF600R family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.1"
}
]
},
{
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.5 \u003c V2.6.1"
}
]
},
{
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions between V2.5 (including) and V2.7 (excluding)"
}
]
},
{
"product": "SIMATIC WinCC OA",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.15 P018"
}
]
},
{
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd 4"
}
]
},
{
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.0 SP1"
}
]
},
{
"product": "SINEMA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP2"
}
]
},
{
"product": "SINUMERIK OPC UA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.1"
}
]
},
{
"product": "TeleControl Server Basic",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248: Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T11:16:36",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-6575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC CP 443-1 OPC UA",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.7"
}
]
}
},
{
"product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Upd 4"
}
]
}
},
{
"product_name": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Upd 4"
}
]
}
},
{
"product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Upd 4"
}
]
}
},
{
"product_name": "SIMATIC IPC DiagMonitor",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.1.3"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V13",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V14",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V14 SP1 Update 14"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V15",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC RF188C",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V1.1.0"
}
]
}
},
{
"product_name": "SIMATIC RF600R family",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2.1"
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.5 \u003c V2.6.1"
}
]
}
},
{
"product_name": "SIMATIC S7-1500 Software Controller",
"version": {
"version_data": [
{
"version_value": "All versions between V2.5 (including) and V2.7 (excluding)"
}
]
}
},
{
"product_name": "SIMATIC WinCC OA",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.15 P018"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Advanced",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Upd 4"
}
]
}
},
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V1.0 SP1"
}
]
}
},
{
"product_name": "SINEMA Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V14 SP2"
}
]
}
},
{
"product_name": "SINUMERIK OPC UA Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.1"
}
]
}
},
{
"product_name": "TeleControl Server Basic",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.1.1"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-248: Uncaught Exception"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-6575",
"datePublished": "2019-04-17T13:40:24",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:46
Severity ?
Summary
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_cp443-1_opc_ua_firmware | * | |
| siemens | simatic_cp443-1_opc_ua | - | |
| siemens | simatic_et_200_open_controller_cpu_1515sp_pc2_firmware | * | |
| siemens | simatic_et_200_open_controller_cpu_1515sp_pc2 | - | |
| siemens | simatic_ipc_diagmonitor_firmware | * | |
| siemens | simatic_ipc_diagmonitor | - | |
| siemens | simatic_net_pc_software_firmware | * | |
| siemens | simatic_net_pc_software | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf600r_firmware | * | |
| siemens | simatic_rf600r | - | |
| siemens | simatic_s7-1500_firmware | * | |
| siemens | simatic_s7-1500 | - | |
| siemens | opc_unified_architecture | * | |
| siemens | simatic_s7-1500_software_controller | * | |
| siemens | simatic_wincc_oa | * | |
| siemens | simatic_wincc_runtime_advanced | * | |
| siemens | simatic_wincc_runtime_comfort | * | |
| siemens | simatic_wincc_runtime_hsp_comfort | * | |
| siemens | simatic_wincc_runtime_mobile | * | |
| siemens | sinec-nms | * | |
| siemens | sinec-nms | 1.0 | |
| siemens | sinema_server | * | |
| siemens | sinumerik_opc_ua_server | * | |
| siemens | telecontrol_server_basic | * | |
| siemens | simatic_s7-1500f_firmware | * | |
| siemens | simatic_s7-1500f | - | |
| siemens | simatic_s7-1500s_firmware | * | |
| siemens | simatic_s7-1500s | - | |
| siemens | simatic_s7-1500t_firmware | * | |
| siemens | simatic_s7-1500t | - | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | * | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | 15.1 | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | 15.1 | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | 15.1 | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | 15.1 | |
| siemens | simatic_hmi_comfort_outdoor_panels | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900 | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700 | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp443-1_opc_ua_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0780D2-8892-490E-9C38-6D1516EBCA76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp443-1_opc_ua:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47272AD2-1D05-419E-A6BE-8836DF69FF82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB5AE88-04E5-467E-85E5-D3C0DDA2B21F",
"versionEndExcluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0944C4-8FD7-4B00-85B7-6DB430EAA884",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc_diagmonitor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91371CD0-EBDF-43C5-A262-A46E1C343716",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc_diagmonitor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E06833-4C26-40AC-B6CF-F7D1322462D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_pc_software_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77022802-113F-42E7-8FBF-C47BB50E8DA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_pc_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A00F5A-9B28-45FF-8549-290302939DFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3D41E9-58B3-4251-8710-A8C4A24ABBD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9523EC09-36C9-41E1-A485-C75819A2DB72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA55275-691D-4269-93E4-C559C89E3FA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065D2218-EA10-410E-A49A-C9A259469421",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opc_unified_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6230C5B0-2F36-4C94-BA28-D36170952423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054D17CD-74AF-473E-A3BC-7B69DFB1C04B",
"versionEndIncluding": "2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_oa:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B74D88E-E8D7-4AA9-8B54-CC833E26CEB4",
"versionEndExcluding": "3.15-p018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79EE15DC-74D3-4551-AAD0-EA0CB600DA76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_comfort:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9AE946B-D532-4CEB-B109-C8B951B61E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_hsp_comfort:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49D722B2-948B-4F11-AD36-E1378BB40403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "455411C4-037C-47BF-9BD6-AC7F9C2D30F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinec-nms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED63145-9082-4346-871B-DF0A6F91E7F0",
"versionEndExcluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinec-nms:1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1F6F05DC-0FBA-4D25-A2E6-06D873B3DFAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C55DA617-6333-40DA-AB7D-EE49A453E143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E31B88B-E743-4DFD-996B-154F7F48C510",
"versionEndExcluding": "2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2ECBEF2-9B1A-49F8-9850-0AF09BF71ED7",
"versionEndExcluding": "3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58CCDA0F-F657-4AF8-BE53-A3993C0280B3",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A255BC06-2776-4111-A525-76B17371B295",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3F162D0-998E-4EC9-BA59-D9B47B07EF69",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1752A2A-0034-4E00-AAC6-FA15345D7A41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C47ADAD6-2DDE-49EF-864B-CC9448399E7B",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "741B2C38-174C-49DF-98D8-F7D6F49D1CE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "F18EA7BD-47D0-4367-8F18-C89239B201E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "DE71784C-012F-40EC-82E2-3BE8589F00DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "C5A35FDE-C76F-430E-BD15-373F9F30FED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "37A6344F-CB58-4CFA-A971-395BFB3FF02B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "E949961E-320A-4E25-A0CA-5EBC7DA0AD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "A390DCB7-4511-4931-A34B-BF6A9B84370D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "FF5136A8-130C-4121-A250-B4DE5883239E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "862B1996-202B-42DF-A7DA-D01CD43C4AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "7AFD3E4C-7125-4FB5-991F-76A31AD61BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "71172F82-C9B6-4DEC-ADCC-F455E72936CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "A8CA985F-3678-46F4-BE2E-BDBCCD1BC0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "1A28CC05-0CEA-4221-83CE-4029726F60E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "5D612CB7-45A0-44AC-BB96-12AFE2B14CE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "7B0FAB4F-7D95-4FC0-AF59-CCEDC6E22DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "5C925AE3-7262-4DDD-803D-D871A66CD2B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "E64DEED6-7E6F-4E79-BA4D-2B2E43B2B97D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "9429BA23-CB76-4574-B7F8-530882CF704A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "3794C871-098D-428F-89EA-ADDEFD4E4A86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "386F501D-5C7D-4336-A39D-31B12C5BCB56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC CP 443-1 OPC UA (todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incluidas las variantes SIPLUS) (todas las versiones anteriores a V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026amp; 15\" (incluidas las variantes SIPLUS) (todas las versiones anteriores a V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incluidas las variantes SIPLUS) (todas las versiones anteriores a V15. 1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (Todas las versiones anteriores a V15.1 Upd 4), SIMATIC IPC DiagMonitor (Todas las versiones anteriores a V5.1. 3), SIMATIC NET PC Software V13 (Todas las versiones), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC RF188C (Todas las versiones anteriores a V1. 1.0), familia SIMATIC RF600R (Todas las versiones anteriores a V3.2.1), familia de CPUs SIMATIC S7-1500 (incluidas las CPUs ET200 relacionadas y las variantes SIPLUS) (Todas las versiones posteriores o iguales a V2.5 anteriores a V2.6.1), SIMATIC S7-1500 Software Controller (Todas las versiones entre V2.5 (incluida) y V2.7 (excluida)), SIMATIC WinCC OA (Todas las versiones anteriores a V3. 15 P018), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a V15.1 Upd 4), SINEC NMS (Todas las versiones anteriores a V1.0 SP1), SINEMA Server (Todas las versiones anteriores a V14 SP2), SINUMERIK OPC UA Server (Todas las versiones anteriores a V2.1), TeleControl Server Basic (Todas las versiones anteriores a V3.1.1). Los paquetes de red especialmente dise\u00f1ados que se env\u00edan a los dispositivos afectados en el puerto 4840/tcp podr\u00edan permitir a un atacante remoto no autenticado provocar una condici\u00f3n de denegaci\u00f3n de servicio de la comunicaci\u00f3n OPC o bloquear el dispositivo. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante con acceso a la red de los sistemas afectados. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad de la comunicaci\u00f3n OPC"
}
],
"id": "CVE-2019-6575",
"lastModified": "2024-11-21T04:46:43.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-17T14:29:03.760",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-248"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-07 22:55
Modified
2025-01-06 19:36
Severity ?
Summary
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://advisories.mageia.org/MGASA-2014-0165.html | Third Party Advisory | |
| secalert@redhat.com | http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/ | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | http://cogentdatahub.com/ReleaseNotes.html | Release Notes | |
| secalert@redhat.com | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01 | Broken Link | |
| secalert@redhat.com | http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3 | Broken Link | |
| secalert@redhat.com | http://heartbleed.com/ | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139722163017074&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139757726426985&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139757819327350&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139757919027752&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139758572430452&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139765756720506&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139774054614965&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139774703817488&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139808058921905&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139817685517037&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139817727317190&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139817782017443&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139824923705461&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139824993005633&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139833395230364&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139835815211508&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139835844111589&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139836085512508&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139842151128341&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139843768401936&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139869720529462&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139869891830365&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139889113431619&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139889295732144&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139905202427693&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139905243827825&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139905295427946&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139905351928096&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139905405728262&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139905458328378&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139905653828999&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=139905868529690&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=140015787404650&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=140075368411126&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=140724451518351&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=140752315422991&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=141287864628122&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=142660345230545&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=142660345230545&w=2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1 | Third Party Advisory | |
| secalert@redhat.com | http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3 | Permissions Required, Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-0376.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-0377.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-0378.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-0396.html | Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2014/Apr/109 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2014/Apr/173 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2014/Apr/190 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2014/Apr/90 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2014/Apr/91 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2014/Dec/23 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/57347 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/57483 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/57721 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/57836 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/57966 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/57968 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/59139 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/59243 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/59347 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://support.citrix.com/article/CTX140605 | Third Party Advisory | |
| secalert@redhat.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=isg400001841 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=isg400001843 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21670161 | Broken Link | |
| secalert@redhat.com | http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://www.blackberry.com/btsc/KB35882 | Broken Link | |
| secalert@redhat.com | http://www.debian.org/security/2014/dsa-2896 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.exploit-db.com/exploits/32745 | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.exploit-db.com/exploits/32764 | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.f-secure.com/en/web/labs_global/fsc-2014-1 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/ | Release Notes | |
| secalert@redhat.com | http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/ | Third Party Advisory | |
| secalert@redhat.com | http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/ | Release Notes | |
| secalert@redhat.com | http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/ | Release Notes | |
| secalert@redhat.com | http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf | Not Applicable | |
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/720951 | Third Party Advisory, US Government Resource | |
| secalert@redhat.com | http://www.kerio.com/support/kerio-control/release-history | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | http://www.openssl.org/news/secadv_20140407.txt | Broken Link, Vendor Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html | Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/534161/100/0/threaded | Broken Link, Not Applicable, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/bid/66690 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1030026 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1030074 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1030077 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1030078 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1030079 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1030080 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1030081 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1030082 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.splunk.com/view/SP-CAAAMB3 | Third Party Advisory | |
| secalert@redhat.com | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00 | Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2165-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.us-cert.gov/ncas/alerts/TA14-098A | Third Party Advisory, US Government Resource | |
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2014-0012.html | Broken Link | |
| secalert@redhat.com | http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 | Broken Link | |
| secalert@redhat.com | https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 | Issue Tracking | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1084875 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf | Third Party Advisory | |
| secalert@redhat.com | https://code.google.com/p/mod-spdy/issues/detail?id=85 | Issue Tracking | |
| secalert@redhat.com | https://filezilla-project.org/versions.php?type=server | Release Notes | |
| secalert@redhat.com | https://gist.github.com/chapmajs/10473815 | Exploit | |
| secalert@redhat.com | https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken | Broken Link | |
| secalert@redhat.com | https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E | Mailing List, Patch, Third Party Advisory | |
| secalert@redhat.com | https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E | Mailing List, Patch, Third Party Advisory | |
| secalert@redhat.com | https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E | Mailing List, Patch, Third Party Advisory | |
| secalert@redhat.com | https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E | Mailing List, Patch, Third Party Advisory | |
| secalert@redhat.com | https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html | Exploit, Permissions Required, Third Party Advisory | |
| secalert@redhat.com | https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html | Third Party Advisory | |
| secalert@redhat.com | https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217 | Third Party Advisory | |
| secalert@redhat.com | https://www.cert.fi/en/reports/2014/vulnerability788210.html | Not Applicable, Third Party Advisory | |
| secalert@redhat.com | https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008 | Third Party Advisory | |
| secalert@redhat.com | https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd | Broken Link, Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2014-0165.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/ | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cogentdatahub.com/ReleaseNotes.html | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://heartbleed.com/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139722163017074&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139757726426985&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139757819327350&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139757919027752&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139758572430452&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139765756720506&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139774054614965&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139774703817488&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139808058921905&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139817685517037&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139817727317190&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139817782017443&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139824923705461&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139824993005633&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139833395230364&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139835815211508&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139835844111589&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139836085512508&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139842151128341&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139843768401936&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139869720529462&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139869891830365&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139889113431619&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139889295732144&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139905202427693&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139905243827825&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139905295427946&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139905351928096&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139905405728262&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139905458328378&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139905653828999&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=139905868529690&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=140015787404650&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=140075368411126&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=140724451518351&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=140752315422991&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=141287864628122&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=142660345230545&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=142660345230545&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0376.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0377.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0378.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0396.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2014/Apr/109 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2014/Apr/173 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2014/Apr/190 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2014/Apr/90 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2014/Apr/91 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2014/Dec/23 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57347 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57483 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57721 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57836 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57966 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57968 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59139 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59243 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59347 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.citrix.com/article/CTX140605 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=isg400001841 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=isg400001843 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21670161 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.blackberry.com/btsc/KB35882 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2896 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/32745 | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/32764 | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.f-secure.com/en/web/labs_global/fsc-2014-1 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/ | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/ | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/ | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/720951 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kerio.com/support/kerio-control/release-history | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openssl.org/news/secadv_20140407.txt | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/534161/100/0/threaded | Broken Link, Not Applicable, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66690 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030026 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030074 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030077 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030078 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030079 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030080 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030081 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030082 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.splunk.com/view/SP-CAAAMB3 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2165-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/ncas/alerts/TA14-098A | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2014-0012.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1084875 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://code.google.com/p/mod-spdy/issues/detail?id=85 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://filezilla-project.org/versions.php?type=server | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/chapmajs/10473815 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html | Exploit, Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cert.fi/en/reports/2014/vulnerability788210.html | Not Applicable, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd | Broken Link, Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| filezilla-project | filezilla_server | * | |
| siemens | application_processing_engine_firmware | 2.0 | |
| siemens | application_processing_engine | - | |
| siemens | cp_1543-1_firmware | 1.1 | |
| siemens | cp_1543-1 | - | |
| siemens | simatic_s7-1500_firmware | 1.5 | |
| siemens | simatic_s7-1500 | - | |
| siemens | simatic_s7-1500t_firmware | 1.5 | |
| siemens | simatic_s7-1500t | - | |
| siemens | elan-8.2 | * | |
| siemens | wincc_open_architecture | 3.12 | |
| intellian | v100_firmware | 1.20 | |
| intellian | v100_firmware | 1.21 | |
| intellian | v100_firmware | 1.24 | |
| intellian | v100 | - | |
| intellian | v60_firmware | 1.15 | |
| intellian | v60_firmware | 1.25 | |
| intellian | v60 | - | |
| mitel | micollab | 6.0 | |
| mitel | micollab | 7.0 | |
| mitel | micollab | 7.1 | |
| mitel | micollab | 7.2 | |
| mitel | micollab | 7.3 | |
| mitel | micollab | 7.3.0.104 | |
| mitel | mivoice | 1.1.2.5 | |
| mitel | mivoice | 1.1.3.3 | |
| mitel | mivoice | 1.2.0.11 | |
| mitel | mivoice | 1.3.2.2 | |
| mitel | mivoice | 1.4.0.102 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| redhat | gluster_storage | 2.1 | |
| redhat | storage | 2.1 | |
| redhat | virtualization | 6.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| ricon | s9922l_firmware | 16.10.3\(3794\) | |
| ricon | s9922l | 1.0 | |
| broadcom | symantec_messaging_gateway | 10.6.0 | |
| broadcom | symantec_messaging_gateway | 10.6.1 | |
| splunk | splunk | * |
{
"cisaActionDue": "2022-05-25",
"cisaExploitAdd": "2022-05-04",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "OpenSSL Information Disclosure Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE79AC6-5484-4A53-8333-373DAD1B5649",
"versionEndExcluding": "1.0.1g",
"versionStartIncluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:filezilla-project:filezilla_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F09BC00-9D25-4C39-B705-A5A29F630517",
"versionEndExcluding": "0.9.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:application_processing_engine_firmware:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "119DBCCC-439E-4148-9E11-CE8038066811",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:application_processing_engine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE6A8466-8A69-491B-8DAB-877A6C2F6660",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:cp_1543-1_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B60287DD-E302-4F8C-833F-E8BE94BDB8D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:cp_1543-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F703FF33-882F-4CB5-9CA0-8FAE670B2AEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "92646048-3383-4F12-ABCA-8346D9837C2C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "80CEA1F3-B820-4D36-B879-7D55F3B95002",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "741B2C38-174C-49DF-98D8-F7D6F49D1CE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:elan-8.2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B77B3ED9-1841-449E-B3B2-F53E73254314",
"versionEndExcluding": "8.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:wincc_open_architecture:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B42FE7D9-673C-4FF3-924B-FC21DF06F769",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intellian:v100_firmware:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F2BCF2-2D0C-44AB-AE21-FBC7F04D099A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intellian:v100_firmware:1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "B46DDC44-A1B4-4DF8-8AD5-FD235F1C2D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intellian:v100_firmware:1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "82BF6806-3E91-4B22-B53D-13F4CD19F757",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellian:v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF9C2817-7F10-4369-A106-68DF9369B454",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intellian:v60_firmware:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "9079EBFD-B901-4077-AD4B-A8B034BDDEA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intellian:v60_firmware:1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC20C7E-E264-4892-AA43-E289207935EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellian:v60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD513662-1089-4BF8-A0F8-9BE5CBF937BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mitel:micollab:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03433A5D-632E-47A5-871A-5859C80CB038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:micollab:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B28F2FB-F263-4B2E-A4C7-951A474FD7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:micollab:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC89913A-F419-43E8-B846-D7AA769EA898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:micollab:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9C5C14AB-2C97-406E-98B5-0BDC8B0AFEA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:micollab:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C08973EF-E86A-46D7-9CF6-4374F2789ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:micollab:7.3.0.104:*:*:*:*:*:*:*",
"matchCriteriaId": "F2317158-3EE7-4894-ADC0-109E0D94DA0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoice:1.1.2.5:*:*:*:*:lync:*:*",
"matchCriteriaId": "501B4ED7-0A26-430A-91A2-29099D3CF493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoice:1.1.3.3:*:*:*:*:skype_for_business:*:*",
"matchCriteriaId": "A93F15B3-1341-446F-85D0-E1842EA1F42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoice:1.2.0.11:*:*:*:*:skype_for_business:*:*",
"matchCriteriaId": "37A5858D-8DE8-4865-A803-7D8A9D4EA306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoice:1.3.2.2:*:*:*:*:skype_for_business:*:*",
"matchCriteriaId": "32B33A4D-1E37-4EAA-AE25-7DA399D50046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mitel:mivoice:1.4.0.102:*:*:*:*:skype_for_business:*:*",
"matchCriteriaId": "EDD5CCE5-CD24-4288-952F-B5814454A890",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:gluster_storage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B45F8E4-0E7A-4D55-84C2-5BE5B6335269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53C986BD-2D1F-4865-B16D-72FD875E3776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37BA55FC-D350-4DEB-9802-40AF59C99E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ricon:s9922l_firmware:16.10.3\\(3794\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ED94033-99C2-419B-BBFA-247B4BB3ED4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ricon:s9922l:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB07C7E6-1DFD-4B39-BA17-FB2912CB92D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1745640A-621C-458B-92C6-C24BA06D79E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DEF17D-93AD-4E79-96ED-E7C44332BD52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "F660A53D-39E7-422A-9E77-3D69A91F2E07",
"versionEndExcluding": "6.0.3",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug."
},
{
"lang": "es",
"value": "Las implementaciones de (1) TLS y (2) DTLS en OpenSSL 1.0.1 en versiones anteriores a 1.0.1g no manejan adecuadamente paquetes Heartbeat Extension, lo que permite a atacantes remotos obtener informaci\u00f3n sensible desde la memoria de proceso a trav\u00e9s de paquetes manipulados que desencadenan una sobrelectura del buffer, seg\u00fan lo demostrado mediante la lectura de claves privadas, relacionado con d1_both.c y t1_lib.c, tambi\u00e9n conocido como bug Heartbleed."
}
],
"evaluatorImpact": "CVSS V2 scoring evaluates the impact of the vulnerability on the host where the vulnerability is located. When evaluating the impact of this vulnerability to your organization, take into account the nature of the data that is being protected and act according to your organization\u2019s risk acceptance. While CVE-2014-0160 does not allow unrestricted access to memory on the targeted host, a successful exploit does leak information from memory locations which have the potential to contain particularly sensitive information, e.g., cryptographic keys and passwords. Theft of this information could enable other attacks on the information system, the impact of which would depend on the sensitivity of the data and functions of that system.",
"id": "CVE-2014-0160",
"lastModified": "2025-01-06T19:36:39.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-04-07T22:55:03.893",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0165.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://cogentdatahub.com/ReleaseNotes.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://heartbleed.com/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139722163017074\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757726426985\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757819327350\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757919027752\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139758572430452\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139765756720506\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774054614965\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774703817488\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139808058921905\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817685517037\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817727317190\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817782017443\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824923705461\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824993005633\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139833395230364\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835815211508\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835844111589\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139836085512508\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139842151128341\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139843768401936\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869720529462\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869891830365\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889113431619\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889295732144\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905202427693\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905243827825\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905295427946\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905351928096\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905405728262\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905458328378\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905653828999\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905868529690\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140015787404650\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140075368411126\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140724451518351\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141287864628122\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0376.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0377.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0378.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0396.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/109"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/173"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/190"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/90"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/91"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57347"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57483"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57721"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57836"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57966"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57968"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59139"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59243"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59347"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX140605"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.blackberry.com/btsc/KB35882"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2896"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/32745"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/32764"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/720951"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://www.openssl.org/news/secadv_20140407.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66690"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030026"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030074"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030078"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030079"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030080"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030081"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030082"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.splunk.com/view/SP-CAAAMB3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160512_00"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-098A"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://code.google.com/p/mod-spdy/issues/detail?id=85"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://gist.github.com/chapmajs/10473815"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Permissions Required",
"Third Party Advisory"
],
"url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
],
"url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0165.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://cogentdatahub.com/ReleaseNotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://heartbleed.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139722163017074\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757726426985\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757819327350\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757919027752\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139758572430452\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139765756720506\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774054614965\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774703817488\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139808058921905\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817685517037\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817727317190\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817782017443\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824923705461\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824993005633\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139833395230364\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835815211508\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835844111589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139836085512508\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139842151128341\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139843768401936\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869720529462\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869891830365\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889113431619\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889295732144\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905202427693\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905243827825\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905295427946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905351928096\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905405728262\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905458328378\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905653828999\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905868529690\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140015787404650\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140075368411126\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140724451518351\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141287864628122\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0376.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0377.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0378.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0396.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/90"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/91"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/57968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX140605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.blackberry.com/btsc/KB35882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/32745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/32764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/720951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://www.openssl.org/news/secadv_20140407.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.splunk.com/view/SP-CAAAMB3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160512_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-098A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://code.google.com/p/mod-spdy/issues/detail?id=85"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://gist.github.com/chapmajs/10473815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Permissions Required",
"Third Party Advisory"
],
"url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
],
"url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:46
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf | Vendor Advisory | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | cp1604_firmware | * | |
| siemens | cp1604 | - | |
| siemens | cp1616_firmware | * | |
| siemens | cp1616 | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_cp343-1_advanced_firmware | * | |
| siemens | simatic_cp343-1_advanced | - | |
| siemens | simatic_cp443-1_firmware | * | |
| siemens | simatic_cp443-1 | - | |
| siemens | simatic_cp443-1_advanced_firmware | * | |
| siemens | simatic_cp443-1_advanced | - | |
| siemens | simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware | * | |
| siemens | simatic_et_200_sp_open_controller_cpu_1515sp_pc | - | |
| siemens | simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware | * | |
| siemens | simatic_et_200_sp_open_controller_cpu_1515sp_pc2 | - | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | * | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | 15.1 | |
| siemens | simatic_hmi_comfort_outdoor_panels | - | |
| siemens | simatic_hmi_comfort_panels_firmware | * | |
| siemens | simatic_hmi_comfort_panels_firmware | 15.1 | |
| siemens | simatic_hmi_comfort_panels | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700 | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900 | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f | - | |
| siemens | simatic_cp443-1_opc_ua | * | |
| siemens | simatic_ipc_diagmonitor | * | |
| siemens | simatic_s7-1500_software_controller | * | |
| siemens | simatic_s7-plcsim_advanced | * | |
| siemens | simatic_s7-plcsim_advanced | 2.0 | |
| siemens | simatic_s7-plcsim_advanced | 2.0 | |
| siemens | simatic_wincc_runtime_advanced | * | |
| siemens | simatic_wincc_runtime_advanced | 15.1 | |
| siemens | simatic_wincc_runtime_advanced | 15.1 | |
| siemens | simatic_wincc_runtime_advanced | 15.1 | |
| siemens | simatic_wincc_runtime_advanced | 15.1 | |
| siemens | sitop_manager | * | |
| siemens | simatic_rf600r_firmware | * | |
| siemens | simatic_rf600r | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf182c_firmware | * | |
| siemens | simatic_rf182c | - | |
| siemens | simatic_rf181-eip_firmware | * | |
| siemens | simatic_rf181-eip | - | |
| siemens | simatic_s7-1500_firmware | * | |
| siemens | simatic_s7-1500 | - | |
| siemens | simatic_s7-300_firmware | * | |
| siemens | simatic_s7-300 | - | |
| siemens | simatic_s7-400_pn_firmware | * | |
| siemens | simatic_s7-400_pn | - | |
| siemens | simatic_s7-400_pn\/dp_firmware | * | |
| siemens | simatic_s7-400_pn\/dp | - | |
| siemens | simatic_teleservice_adapter_ie_advanced_firmware | * | |
| siemens | simatic_teleservice_adapter_ie_advanced | - | |
| siemens | simatic_teleservice_adapter_ie_basic_firmware | * | |
| siemens | simatic_teleservice_adapter_ie_basic | - | |
| siemens | simatic_teleservice_adapter_ie_standard_firmware | * | |
| siemens | simatic_teleservice_adapter_ie_standard | - | |
| siemens | simatic_winac_rtx_firmware | * | |
| siemens | simatic_winac_rtx_firmware | 2010 | |
| siemens | simatic_winac_rtx | - | |
| siemens | simocode_pro_v_eip_firmware | * | |
| siemens | simocode_pro_v_eip | - | |
| siemens | simocode_pro_v_pn_firmware | * | |
| siemens | simocode_pro_v_pn | - | |
| siemens | sinamics_g130_firmware | * | |
| siemens | sinamics_g130 | - | |
| siemens | sinamics_g150_firmware | * | |
| siemens | sinamics_g150 | - | |
| siemens | sinamics_s120_firmware | * | |
| siemens | sinamics_s120 | - | |
| siemens | sinamics_s150_firmware | * | |
| siemens | sinamics_s150_firmware | 5.1 | |
| siemens | sinamics_s150_firmware | 5.1 | |
| siemens | sinamics_s150_firmware | 5.1 | |
| siemens | sinamics_s150 | - | |
| siemens | sinamics_s210_firmware | * | |
| siemens | sinamics_s210_firmware | 5.1 | |
| siemens | sinamics_s210_firmware | 5.1 | |
| siemens | sinamics_s210 | - | |
| siemens | sitop_psu8600_firmware | * | |
| siemens | sitop_psu8600 | - | |
| siemens | sitop_ups1600_firmware | * | |
| siemens | sitop_ups1600 | - | |
| siemens | tim_1531_irc_firmware | * | |
| siemens | tim_1531_irc | - | |
| siemens | simatic_s7-1500f_firmware | * | |
| siemens | simatic_s7-1500f | - | |
| siemens | simatic_s7-1500s_firmware | * | |
| siemens | simatic_s7-1500s | - | |
| siemens | simatic_s7-1500t_firmware | * | |
| siemens | simatic_s7-1500t | - | |
| siemens | sinamics_gh150_firmware | * | |
| siemens | sinamics_gh150_firmware | 4.8 | |
| siemens | sinamics_gh150 | - | |
| siemens | sinamics_gl150_firmware | * | |
| siemens | sinamics_gl150_firmware | 4.8 | |
| siemens | sinamics_gl150 | - | |
| siemens | sinamics_gm150_firmware | * | |
| siemens | sinamics_gm150_firmware | 4.8 | |
| siemens | sinamics_gm150 | - | |
| siemens | sinamics_sl150_firmware | * | |
| siemens | sinamics_sl150_firmware | 4.8 | |
| siemens | sinamics_sl150 | - | |
| siemens | sinamics_sm120_firmware | * | |
| siemens | sinamics_sm120_firmware | 4.8 | |
| siemens | sinamics_sm120 | - | |
| siemens | sinamics_sm150_firmware | * | |
| siemens | sinamics_sm150_firmware | 5.1 | |
| siemens | sinamics_sm150 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:cp1604_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E737620D-9D00-4151-B232-7DFB7FD768B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:cp1604:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6222006F-09D7-49F7-B8C7-4D94298A8F6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:cp1616_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65FE6F54-1457-4EB6-9273-1D93B3B97386",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:cp1616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "184365A2-BAD2-4926-ACEE-F71E018D3CE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69EE2BF6-3846-478F-9AC6-BEF34617F3B5",
"versionEndExcluding": "1.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp343-1_advanced_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E6601B8-E032-4B39-BF65-F25CF047EB99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp343-1_advanced:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACCC0229-E454-4BEF-931A-3CD820500822",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp443-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2035A020-F41E-4FC7-A290-9923574D4921",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp443-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8636E9-A3DA-4DDC-A3FC-B3EAAD07952E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp443-1_advanced_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD15638-8B84-4DA2-9DDC-9A1CA3548E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp443-1_advanced:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE94F56-71DB-4837-9818-6827C80DE2BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1873751-81F4-4732-B30F-9F2DEECBC110",
"versionEndExcluding": "2.1.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A5678E-9EAA-441A-AC77-94F824D64AEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F36AC571-C958-4CB8-91D9-5417C1812C02",
"versionEndExcluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00361A3C-60E9-4365-BB51-09D7792C441D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "F18EA7BD-47D0-4367-8F18-C89239B201E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "5418D916-49A6-4B79-A653-E2C5221DEBE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_cp443-1_opc_ua:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56396833-12BF-4AE5-8D3E-695652A99DBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_ipc_diagmonitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD49A39-47D7-473C-9E46-6D9246BC6D04",
"versionEndExcluding": "5.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11C0A94D-5506-4A75-99E1-CA9769AF057C",
"versionEndExcluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B66A2A4-5062-45F8-A615-2DA716650909",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "AED3A3AF-EF77-4E58-91AD-BBE01E1DA4A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "23039930-E45C-4B0E-883A-E2F9A7502984",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
"matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
"matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
"matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sitop_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2662688E-6975-46C7-939B-25FF4790518D",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16CBED3D-892A-4EC0-BE2E-358040C34304",
"versionEndExcluding": "3.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA55275-691D-4269-93E4-C559C89E3FA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25F96DAA-696D-4EB4-97DF-986C7681700B",
"versionEndExcluding": "1.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8FFD1C-8E33-48E9-A884-B80311F8BA4C",
"versionEndExcluding": "1.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC4F972-3A3B-421C-8D62-9C5C4D1992CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7540DAD9-2AAC-46A9-B1C5-BB1AC4FCE710",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf181-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA94867-4367-4186-8A4B-44C3CBCCEF7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf181-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E10A0D57-8805-44DB-95E3-1B240ED5ED09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE766CD-695B-4A12-8BC5-3743D8E3D73E",
"versionEndExcluding": "2.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9461CADE-1624-4D1B-8CF2-CF65F75071C0",
"versionEndExcluding": "3.3.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD4E99-5C66-443F-8B6F-FA01C895DE78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-400_pn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A2219FE-2C3F-4948-85D6-3C53AC08722B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-400_pn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "795D0FF9-1D0B-4C74-BEF3-58EAE74DFA0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-400_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC917346-94F6-44FD-AC00-AED0CF3CBBD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-400_pn\\/dp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F60D816D-85A5-4971-AF2D-666AE0B74E9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E76BDE-C7E9-4D6B-B5D9-A456516CD016",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DA3D1A-E435-418F-9A13-945B4BA15FC7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80D166A8-1EEC-42F4-8EAB-1747247A7A05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA520B6-5177-43E4-87C0-C215F79FE9B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_standard_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C887573-8BE8-42CF-B35A-22F9311AC627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_standard:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5A3F7E-D039-430F-89B0-6AB4FD2428D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDBB38-20D2-48C3-8B58-62C2D8CC00B8",
"versionEndExcluding": "2010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:2010:-:*:*:*:*:*:*",
"matchCriteriaId": "EA59D713-F342-4CDA-BDC8-108352D385DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_winac_rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA5ADAB0-3985-4933-8CDD-D1546D8271CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simocode_pro_v_eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A001968-C7FD-4C11-8439-11532B234CC2",
"versionEndExcluding": "1.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simocode_pro_v_eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50BDA360-0D33-42DC-ADB9-2F69503C2CD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simocode_pro_v_pn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15CB26DA-7CA0-4BD6-A219-01F6E8A6F03F",
"versionEndExcluding": "2.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simocode_pro_v_pn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1779AE78-AC90-48BE-8FF2-CC11E7CA3CB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "856768D2-C096-4CA7-B26F-E94B005C0D79",
"versionEndExcluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "373DBE44-AC28-4D04-93BB-35CD8C60E899",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C579C2C7-0402-46B2-A770-C3B7F71D1096",
"versionEndExcluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2296CA65-0E89-4BCB-8003-E7212BF1F585",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03F9CBC3-B2B3-4FA7-963D-A8F3AE6D8EA0",
"versionEndExcluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A824BD-935F-4E53-8313-C5544B0489C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "126AC93E-A39F-4754-9707-207C9F2F64F4",
"versionEndExcluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "3E8BCCED-BDC6-4785-8705-799836E5024E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "098262CC-4D3B-4E55-83C3-2816403C553B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1_hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "6092F899-9A89-4FA4-BD80-97511DF7CF8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D48682C-A39D-4A09-B904-50FA64A9D2A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7269713-6505-41DF-B85B-F729E24A3F5B",
"versionEndExcluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BEBF14B3-65A0-41E9-B99C-D88548F307CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F151297C-3097-483F-98B5-0261BD547421",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_s210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFA8FB3-12A9-4D2E-BCFD-C66313521C80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sitop_psu8600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F389808-001E-4650-86B2-00A72D25BCD0",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55058209-8AE5-42AF-80D4-5A7A44307266",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sitop_ups1600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD39CC96-ABE3-4854-A102-36AFE1F6CB14",
"versionEndExcluding": "2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sitop_ups1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC1A64E-6A27-4F91-8A13-829E0F7D8E80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B023E75A-B76D-4FD8-9660-1F233092160F",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9C47A4A-BE81-499A-AB36-491661B88693",
"versionEndExcluding": "2.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A255BC06-2776-4111-A525-76B17371B295",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66A446D2-39ED-4635-AAA0-85D977F600FE",
"versionEndExcluding": "2.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1752A2A-0034-4E00-AAC6-FA15345D7A41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5238622A-BCAD-4A06-9920-49BECFDDC2A6",
"versionEndExcluding": "2.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "741B2C38-174C-49DF-98D8-F7D6F49D1CE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E231DE7-8B8D-41A3-A163-CE8EF50AF9D0",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "6D076504-AFE3-4C51-80E5-C5992CA7D511",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3653DA37-DB23-41E0-8CE8-838E384AA40A",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "0F86A334-10F9-4DFB-A421-CBCAFD86C8C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E25804D-D943-4C2A-9C78-AAC61F7BA4FF",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "06B69CD4-3AEC-4014-81DB-33805A44A5D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD67D30A-8681-41AE-B248-7E50BA1B9FC8",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "FCC0EE8B-1088-46B6-992A-B8E12A7B7DC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31393A1B-4DBC-476D-875E-463B4B887E1B",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "0206F9F2-27C7-4D2F-817B-13F8FA31E547",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC70D596-AA1E-4196-87B0-BECEE6568AA7",
"versionEndExcluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "1E81CDB5-122F-48D1-B9F1-4C401D46D978",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device."
},
{
"lang": "es",
"value": "SIPLUS), paneles exteriores SIMATIC HMI Comfort de 7\" y 15\" (incl. variantes SIPLUS), paneles SIMATIC HMI Comfort de 4\" - 22\" (incl. variantes SIPLUS), paneles SIMATIC ET 200SP Open Controller CPU 1515SP PC SIPLUS), paneles m\u00f3viles SIMATIC HMI KTP KTP400F, KTP700, KTP700F, KTP900 y KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, familia SIMATIC RF600R, familia de CPUs SIMATIC S7-1500 (incl. CPUs ET200 y variantes SIPLUS), controlador de software SIMATIC S7-1500, familia de CPUs SIMATIC S7-300 (incluidas las CPUs ET200 y variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V6 e inferiores (incluidas las variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V7 (incluidas las variantes SIPLUS) SIPLUS), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP (incl. SIPLUS), SIMOCODE pro V PN (incl. variantes SIPLUS), SINAMICS G130 V4.6 Control Unit, SINAMICS G130 V4.7 Control Unit, SINAMICS G130 V4.7 SP1 Control Unit, SINAMICS G130 V4.8 Control Unit, SINAMICS G130 V5.1 Control Unit, SINAMICS G130 V5. 1 SP1 Unidad de control, SINAMICS G150 V4.6 Unidad de control, SINAMICS G150 V4.7 Unidad de control, SINAMICS G150 V4.7 SP1 Unidad de control, SINAMICS G150 V4.8 Unidad de control, SINAMICS G150 V5. 1 Unidad de control, SINAMICS G150 V5.1 SP1 Unidad de control, SINAMICS GH150 V4.7 (Unidad de control), SINAMICS GH150 V4.8 (Unidad de control), SINAMICS GL150 V4.7 (Unidad de control), SINAMICS GL150 V4. 8 (Unidad de control), SINAMICS GM150 V4.7 (Unidad de control), SINAMICS GM150 V4.8 (Unidad de control), SINAMICS S120 V4.6 Unidad de control (incl. variantes SIPLUS), SINAMICS S120 V4.7 Unidad de control (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V4.7 SP1 (incl. variantes SIPLUS), SINAMICS S120 V4.8 (incl. variantes SIPLUS), SINAMICS S120 V5.1 (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V5.1 SP1 Unidad de Control (incl. variantes SIPLUS), SINAMICS S150 V4.6 Unidad de Control, SINAMICS S150 V4.7 Unidad de Control, SINAMICS S150 V4.7 SP1 Unidad de Control, SINAMICS S150 V4. 8 Unidad de control, SINAMICS S150 V5.1 Unidad de control, SINAMICS S150 V5.1 SP1 Unidad de control, SINAMICS S210 V5.1 Unidad de control, SINAMICS S210 V5.1 SP1 Unidad de control, SINAMICS SL150 V4. 7 (Unidad de Control), SINAMICS SL150 V4.8 (Unidad de Control), SINAMICS SM120 V4.7 (Unidad de Control), SINAMICS SM120 V4.8 (Unidad de Control), SINAMICS SM150 V4. 8 (unidad de control), SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SITOP Manager, SITOP PSU8600, SITOP UPS1600 (incl. variantes SIPLUS), TIM 1531 IRC (incl. variantes SIPLUS NET). El servidor web de los dispositivos afectados contiene una vulnerabilidad que puede conducir a una condici\u00f3n de denegaci\u00f3n de servicio. Un atacante puede provocar una situaci\u00f3n de denegaci\u00f3n de servicio que lleve a reiniciar el servidor web del dispositivo afectado. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante con acceso a la red de los sistemas afectados. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad del dispositivo"
}
],
"id": "CVE-2019-6568",
"lastModified": "2024-11-21T04:46:42.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2019-04-17T14:29:03.683",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}