All the vulnerabilites related to ibm - storwize_v7000_firmware
Vulnerability from fkie_nvd
Published
2018-05-17 21:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474."
},
{
"lang": "es",
"value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) son vulnerables a Cross-Site Request Forgery (CSRF), lo que podr\u00eda permitir que un atacante ejecute acciones maliciosas no autorizadas transmitidas de un usuario en el que conf\u00eda el sitio web. IBM X-Force ID: 139474."
}
],
"id": "CVE-2018-1434",
"lastModified": "2024-11-21T03:59:48.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T21:29:00.323",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-11 02:59
Modified
2024-11-21 03:28
Severity ?
Summary
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | struts | * | |
| apache | struts | * | |
| ibm | storwize_v3500_firmware | 7.7.1.6 | |
| ibm | storwize_v3500_firmware | 7.8.1.0 | |
| ibm | storwize_v3500 | - | |
| ibm | storwize_v5000_firmware | 7.7.1.6 | |
| ibm | storwize_v5000_firmware | 7.8.1.0 | |
| ibm | storwize_v5000 | - | |
| ibm | storwize_v7000_firmware | 7.7.1.6 | |
| ibm | storwize_v7000_firmware | 7.8.1.0 | |
| ibm | storwize_v7000 | - | |
| lenovo | storage_v5030_firmware | 7.7.1.6 | |
| lenovo | storage_v5030_firmware | 7.8.1.0 | |
| lenovo | storage_v5030 | - | |
| hp | server_automation | 9.1.0 | |
| hp | server_automation | 10.0.0 | |
| hp | server_automation | 10.1.0 | |
| hp | server_automation | 10.2.0 | |
| hp | server_automation | 10.5.0 | |
| oracle | weblogic_server | 10.3.6.0.0 | |
| oracle | weblogic_server | 12.1.3.0.0 | |
| oracle | weblogic_server | 12.2.1.1.0 | |
| oracle | weblogic_server | 12.2.1.2.0 | |
| arubanetworks | clearpass_policy_manager | * | |
| netapp | oncommand_balance | - |
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Apache Struts Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40D3EE72-E37F-4F4C-996D-50E144CF43DD",
"versionEndExcluding": "2.3.32",
"versionStartIncluding": "2.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F63D06-B26A-4DB6-8B07-B847554ABCA8",
"versionEndExcluding": "2.5.10.1",
"versionStartIncluding": "2.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:7.7.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB119E1-7736-4C99-AD9C-9E8820769D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:7.8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A0C06E-B833-4A52-B1F0-FEC9BEF372A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:7.7.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F445D22E-8976-4ADC-81FD-49B351B2802A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:7.8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9E6724-8796-4DD5-9CE2-8E602DA893F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:7.7.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D1D7A801-1861-4479-9367-60F792BF8016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:7.8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF96E49-9530-4718-B5A9-7366D10CC890",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:storage_v5030_firmware:7.7.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "371CD28E-6187-4EB1-8B73-645F7A6BFFD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:lenovo:storage_v5030_firmware:7.8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0AFFAA-F7AE-416C-A40D-24F972EE18BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:storage_v5030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2A4179B-51C5-486B-8CFF-D49436D60910",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:server_automation:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "112DFE68-A609-4B76-8227-4DE9CAC25F54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:server_automation:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "951C042F-9C83-4DBB-8070-A926A1B46591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:server_automation:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9404A4-6B73-436E-A8FB-914530D6000A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:server_automation:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32AFBE84-5394-49A1-844A-ED964A46ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:server_automation:10.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38ABFD4F-8E97-4418-A921-BF9F4D95A4A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4C533-DE42-463B-9D80-5D4C85BF1A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A1728D5-E03B-49A0-849C-B722197AF054",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D1193B0-59C9-4AC0-BBA0-CED6FCC91883",
"versionEndExcluding": "6.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."
},
{
"lang": "es",
"value": "El analizador sint\u00e1ctico Jakarta Multipart en Apache Struts 2 en versiones 2.3.x anteriores a la 2.3.32 y versiones 2.5.x anteriores a la 2.5.10.1 no maneja correctamente las excepciones y la generaci\u00f3n de mensajes de error, lo que permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de una cadena #cmd= en un encabezado HTTP de Content-Type, Content-Disposition o Content-Length manipulado."
}
],
"id": "CVE-2017-5638",
"lastModified": "2024-11-21T03:28:04.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-11T02:59:00.150",
"references": [
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
},
{
"source": "security@apache.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96729"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037973"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Press/Media Coverage"
],
"url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exploit-db.com/exploits/41570"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link"
],
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link"
],
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"
},
{
"source": "security@apache.org",
"tags": [
"Exploit"
],
"url": "https://github.com/mazen160/struts-pwn"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/rapid7/metasploit-framework/issues/8064"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://isc.sans.edu/diary/22169"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://struts.apache.org/docs/s2-045.html"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://struts.apache.org/docs/s2-046.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/len-14200"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://twitter.com/theog150/status/841146956135124993"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/41614/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/834067"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link"
],
"url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Press/Media Coverage"
],
"url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exploit-db.com/exploits/41570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://github.com/mazen160/struts-pwn"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/rapid7/metasploit-framework/issues/8064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://isc.sans.edu/diary/22169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://struts.apache.org/docs/s2-045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://struts.apache.org/docs/s2-046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/len-14200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://twitter.com/theog150/status/841146956135124993"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/41614/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/834067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-09-24 18:48
Modified
2025-01-06 19:36
Severity ?
Summary
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
Impacted products
{
"cisaActionDue": "2022-07-28",
"cisaExploitAdd": "2022-01-28",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4DBE402-1B0A-4854-ABE5-891321454C25",
"versionEndIncluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7",
"versionEndExcluding": "4.9.12",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0",
"versionEndExcluding": "4.10.9",
"versionStartIncluding": "4.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9056776F-03F6-4C3D-8635-37D66FD16EAA",
"versionEndExcluding": "4.11.11",
"versionStartIncluding": "4.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6",
"versionEndExcluding": "4.12.9",
"versionStartIncluding": "4.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8296875A-64FA-4592-848A-A923126BD8AF",
"versionEndExcluding": "4.13.9",
"versionStartIncluding": "4.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "816A16AF-1F5E-483A-AA89-3022818FAE43",
"versionEndExcluding": "4.14.4f",
"versionStartIncluding": "4.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8421899-5D10-4C2B-88AA-3DA909FE3E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
"matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649",
"versionEndExcluding": "4.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*",
"matchCriteriaId": "F407EA72-BA1A-41A2-B699-874304A638A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*",
"matchCriteriaId": "DDA25903-B334-438B-8196-B9E5119199D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC489F35-07F1-4C3E-80B9-78F0689BC54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95CE35FC-266F-4025-A0B8-FB853C020800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6252E88C-27FF-420D-A64A-C34124CF7E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "804DFF9F-BAA8-4239-835B-6182471A224F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE496C0-35F7-44DC-B3F0-71EA3A613C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "71179893-49F2-433C-A7AC-687075F9CC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "37ECC029-3D84-4DD7-B28B-E5AD5559CF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CBED2A-B6B0-420E-BC40-160930D8662E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "29BBF1AC-F31F-4251-8054-0D89A8E6E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "D8ED0658-5F8F-48F0-A605-A2205DA27DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "C385DA76-4863-4D39-84D2-9D185D322365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6ADFB8-210D-4E46-82A2-1C8705928382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8821E5FE-319D-40AB-A515-D56C1893E6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*",
"matchCriteriaId": "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94C9C346-6DEC-4C72-9F59-BB3BEC42B551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2071DABB-7102-47F2-A15F-A6C03607D01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8661E86-E075-427F-8E05-7A33811A3A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E",
"versionEndIncluding": "1.0.0.4",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054736AF-96E0-491D-B824-CC4A35B76E14",
"versionEndIncluding": "1.1.0.4",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E476AEB-AD38-4033-8426-DC502497D75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "20981443-6A64-4852-B2CB-3299927C6F78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "59761BB8-FCC7-4D15-88A8-82076CCF196F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CF399B2E-8413-4B80-A0C0-E61E8A0A8604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "230EBA53-66AF-432B-B4C1-08D8FC903B2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*",
"matchCriteriaId": "EF102659-B067-473E-AA37-EA90A82D1864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*",
"matchCriteriaId": "81DF915D-D764-4C21-B213-0ADFD844E9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "C29A4119-A992-4713-85D6-4FDED7CD416A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*",
"matchCriteriaId": "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*",
"matchCriteriaId": "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*",
"matchCriteriaId": "F03006B7-037B-491F-A09F-DEB2FF076754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*",
"matchCriteriaId": "FE78AED4-AD60-406C-82E0-BA52701B49BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "3D0B71F0-CCED-4E23-989A-3E9E2D71307C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "5CF8FC22-C556-451C-B928-F5AF8DF4BF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "081D3B14-45F6-4F96-944B-94D967FEFA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "D922DC5A-63F6-4188-BCDE-BB987402E47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*",
"matchCriteriaId": "C2BCC22C-A32B-4945-AFBC-777DBE248FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*",
"matchCriteriaId": "92F92890-63B0-4918-A147-8852B6E2FA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "ED0B143A-5386-4375-AEB2-48619B2B1EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "E7ECA734-9E95-484F-B880-2491A0E2531B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "5D7CD9E9-033C-44B8-A68C-47AC260873E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "07B660DC-A94F-48F0-A2F4-1C39CC4751A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*",
"matchCriteriaId": "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "329C8551-98D1-4255-B598-9E75A071C186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "FD0687B7-F374-4368-AD9E-041123B23A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*",
"matchCriteriaId": "D0330E77-454E-4E77-9628-50681B748491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3863726E-15AD-4A47-85CB-0C9965E76EF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "D1F35447-889F-4CE9-9473-87046B4707EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "A3A5DFC0-BBD7-430C-A026-E1F34E08894D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*",
"matchCriteriaId": "141E8F6A-3998-4F22-A717-3F52BC998F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "F09AA197-BB55-4CF0-AC29-4449C07DE510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*",
"matchCriteriaId": "3E468E33-B183-4830-97E2-EAF9FD3758E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*",
"matchCriteriaId": "738C8F2B-3D3E-4E1F-977A-05D3A39F115D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*",
"matchCriteriaId": "1ED03E83-909B-423F-81F2-34AB7F24BBE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*",
"matchCriteriaId": "9778E8AA-A034-4B04-A42E-6A182378C7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "AEE15598-4064-4E31-86BA-7851AA4B76C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "59FE3789-FB47-4939-B9AA-86D203445526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "2F96389A-82B9-42DE-8E93-D2B2EE610F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "3131CDA5-1C4D-489C-8788-FA396F8ADB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "DCC7DF3E-658C-41D7-A4AC-433440A02092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*",
"matchCriteriaId": "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6870C1E-E4A4-4666-89DB-D72C8100D27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "BE183CA0-FFBB-4746-8BBE-5D1910DD2100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "D04B5EBF-C94C-4A44-9A7E-75623CAF832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "5723FDF4-198B-488E-B075-F528EC6E4D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "7E23A972-5BCA-4C7E-B6F9-AD54992861A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*",
"matchCriteriaId": "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*",
"matchCriteriaId": "BFE4D0FF-6445-4E14-9536-ADB32662B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "9AC763FD-C143-4CA3-9A24-D50C9ED243D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*",
"matchCriteriaId": "299C6CBE-905F-4E59-AF2F-89A1CD767916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*",
"matchCriteriaId": "78538461-1B7E-4712-AA8D-D2EA3477635B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*",
"matchCriteriaId": "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*",
"matchCriteriaId": "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*",
"matchCriteriaId": "5725106C-A650-4C24-9636-1200BD44CCA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*",
"matchCriteriaId": "F1501425-96F7-487B-9588-FDA2DAC3790A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*",
"matchCriteriaId": "48D95998-9434-4AFF-9983-0D7AC34176A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*",
"matchCriteriaId": "D60BB309-860D-4D74-B08F-F94AFE84C881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*",
"matchCriteriaId": "F63E864E-6323-41B4-956F-51F9364DFAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "EC724282-7431-465E-8E60-4037121B8838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "73151221-C102-4425-9316-1EE4CAAB6531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*",
"matchCriteriaId": "D1E9DDCD-6D22-4175-94EF-D8A5457E7355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*",
"matchCriteriaId": "35AB906F-43CD-4D54-8274-1FD551532E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*",
"matchCriteriaId": "1ADC75F0-B27E-4B15-B829-482FBA0063A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*",
"matchCriteriaId": "D015D670-8AEA-49A3-8D22-9E3009322EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*",
"matchCriteriaId": "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*",
"matchCriteriaId": "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*",
"matchCriteriaId": "28CE650B-BE03-4EDF-BE27-2FA6657F7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "2356A4E6-561B-40CA-8348-B30D581B1E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "74509F3F-840E-48B8-88B1-EA4FFB90ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "BE7BD528-628F-4CA9-9FE8-8A79BDC97680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*",
"matchCriteriaId": "26118C2B-78CC-4038-9DEA-7A9417029790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "4F445D93-D482-4A74-810D-66D78CBCAFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*",
"matchCriteriaId": "2C9F200C-ECC9-4D51-AFE7-E99C16D09148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*",
"matchCriteriaId": "56B87CB5-0F77-4040-BB58-9DBF5723A4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B3321B-11AD-43EB-867C-FA4FA6A5421E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4975223D-9E31-4CEC-A4B6-C0996828B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C15C820B-4778-4B8F-8BD8-E996F1D4062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A42E70EE-2E23-4D92-ADE0-9177B9EDD430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "01C91446-4A36-4FCE-A973-3E6F813FABC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "58281E62-E350-4B0D-9322-8BA1E1773CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "BF1A152E-5795-4319-BD4D-855DE19C744C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "438FCE7F-035A-4D89-96FE-EE5278C85493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*",
"matchCriteriaId": "80900F2C-7CFA-4C40-A6B5-51E12C3DA187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*",
"matchCriteriaId": "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*",
"matchCriteriaId": "33F900E6-AE47-4789-A337-70C6BEF22895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*",
"matchCriteriaId": "AD2E5054-2151-414D-A88F-6697FF280D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "3EB09361-372E-4F51-B255-C7D2DB41969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "A36D6991-3728-4F60-A443-37652DFAA053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*",
"matchCriteriaId": "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*",
"matchCriteriaId": "63C0F7CA-5F3C-41D4-AAD6-084643115D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*",
"matchCriteriaId": "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*",
"matchCriteriaId": "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*",
"matchCriteriaId": "45CD14D8-665A-46C5-8387-33FF266822A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*",
"matchCriteriaId": "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*",
"matchCriteriaId": "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*",
"matchCriteriaId": "6A846C69-CA94-4F5E-9E02-69EA6680549E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "7AAEE176-631A-41B9-BC40-93F866DA9D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*",
"matchCriteriaId": "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "9388D932-9818-4A68-9543-B0643166DB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "770A9287-C910-4690-9402-0C0B7BAC8912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*",
"matchCriteriaId": "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*",
"matchCriteriaId": "B503F1F7-F439-420D-B465-9A51CCECAB06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27948B08-C452-41FB-B41F-6ADB3AAE087E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7F2743-71BB-4011-B919-7E8032B6B72F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*",
"matchCriteriaId": "3738FAC6-B90B-4014-9E86-17ED6D19D23D",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*",
"matchCriteriaId": "35B6634E-4F09-423C-87E7-59D4127CC023",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*",
"matchCriteriaId": "0A7A7100-A1DA-4191-A4C1-D930829A3DC2",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83739ED7-37F1-4712-8C81-E56F58790240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CDD227E-1F98-4F73-BB65-3820F39127F0",
"versionEndIncluding": "3.1.0.7",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB18F38-AC6A-406A-A4DD-40688B803744",
"versionEndExcluding": "1.4.3.5",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB",
"versionEndExcluding": "1.5.0.4",
"versionStartIncluding": "1.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4EF774-BD92-444D-9583-25DB97CDA4F3",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB9850A-3308-4277-A68C-AD418612101E",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84D7A48-6745-49D3-AE52-31DD7EEC0D61",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A1A3A3E-5636-4422-9B7B-B3D97989E674",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7384B993-049F-48D7-86D6-FE221C783245",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DF6129-9CEA-4812-800F-A6FD5095D60E",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79788A89-4152-4B4B-BFF0-518D90EE4D2B",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "680738C5-63D5-4F60-9610-FD0D87FCBBCA",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "872E2102-6BE6-42B6-93B0-942B7DABCBDA",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E31991-DF33-4F00-8430-7B626E8174CE",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E25BB0-6F5A-4A7B-9147-D4E17014C747",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B80C1675-4948-45DC-B593-EDB1354E42F3",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDEC166F-A967-4616-B9EF-503054EFD197",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713E71BC-16F5-41E3-9816-74D5E8D8C9A9",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2487E0-046C-476F-BFF4-EF77D9E856D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0287F3CD-2151-491D-8BC3-6D3921BE8FFA",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4179899-87B4-42C3-8245-9A34EC04F6A1",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CED766-9742-4037-8005-F0BDDE9176DD",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41EEAEC-08AE-4478-8977-5A4D7B48C175",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "298C961D-5E5F-4277-B192-A4C29243BECC",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0663FBC-01C0-4AD8-A0B8-6097E537D352",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE145DE3-3C9B-4949-B6D4-9B259372CCE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABC25E5-76CD-469B-879A-B1F7109D0181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*",
"matchCriteriaId": "98942F6C-330F-459A-B2B4-72572DB4070E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0BAB94-6521-4B57-9E56-A57BA5E20C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A7788E5-93B9-4149-8823-2ACBA5CF17E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*",
"matchCriteriaId": "B41B4ECD-6F30-46F5-A559-1CEFC7964873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*",
"matchCriteriaId": "D42ADCD9-1455-401C-B94F-D367A78A2B97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2853A787-E5F1-4455-9482-7C538B80556C",
"versionEndExcluding": "r77.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AEB1FC5-1179-4DE9-99A2-D650167A7A60",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1343FBDC-4BF0-403B-B257-96672F092263",
"versionEndIncluding": "4.0.5",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7C138527-73D3-4AEE-BFAB-1D240A585A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2EB3D6-EF4C-4241-A31E-3990664004A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1168D2-93D5-4415-A666-B4BE0B2AC201",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48A2FBA9-207F-4F16-932D-BF0BA3440503",
"versionEndIncluding": "6.4.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6AC80F-9D91-468D-BEE3-6A0759723673",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680",
"versionEndExcluding": "9.3.67.5r1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "665EF643-3CDC-4518-9693-0D49F0870283",
"versionEndExcluding": "10.1.129.11r1",
"versionStartIncluding": "10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE3CC45-49E5-40DE-B5C3-52A754A9C599",
"versionEndExcluding": "10.5.52.11r1",
"versionStartIncluding": "10.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8968E39A-1E16-4B7F-A16A-190EBC20D04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "864B5480-704F-4636-A938-7D95AD4223AD",
"versionEndExcluding": "10.10.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35D34345-0AD1-499C-9A74-982B2D3F305A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FECF06B5-3915-48F0-A140-41C7A27EE99D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*",
"matchCriteriaId": "BBD8B161-0A07-492F-89E4-7A0BD02F6464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*",
"matchCriteriaId": "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "29DF8DD7-B5CC-4152-A726-1D48459068D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*",
"matchCriteriaId": "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
},
{
"lang": "es",
"value": "GNU Bash hasta la versi\u00f3n 4.3 procesa cadenas finales despu\u00e9s de las definiciones de funciones en los valores de variables de entorno, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un entorno manipulado, tal como se ha demostrado por vectores que involucran la caracter\u00edstica ForceCommand en sshd OpenSSH, los m\u00f3dulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en las cuales el ajuste de entorno ocurre a trav\u00e9s de un l\u00edmite privilegiado de la ejecuci\u00f3n de Bash, tambi\u00e9n conocido como \"ShellShock.\" NOTA: la reparaci\u00f3n original para este problema era incorrecta; CVE-2014-7169 ha sido asignada para cubrir la vulnerabilidad que todav\u00eda est\u00e1 presente despu\u00e9s de la soluci\u00f3n incorrecta."
}
],
"id": "CVE-2014-6271",
"lastModified": "2025-01-06T19:36:17.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-09-24T18:48:04.477",
"references": [
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58200"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59272"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59737"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59907"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60024"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60034"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60044"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60055"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60063"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60193"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60325"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60433"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60947"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61065"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61128"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61129"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61188"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61283"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61287"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61291"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61312"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61313"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61328"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61442"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61471"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61485"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61503"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61542"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61547"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61550"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61552"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61565"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61603"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61633"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61641"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61643"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61654"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61676"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61700"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61703"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61711"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61715"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61780"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61816"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61855"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61857"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61873"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62228"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62312"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62343"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/70103"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"source": "security@debian.org",
"tags": [
"Permissions Required"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/70103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/shellshock/"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 21:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397."
},
{
"lang": "es",
"value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) emplean algoritmos criptogr\u00e1ficos m\u00e1s d\u00e9biles de lo esperado que podr\u00edan permitir que un atacante descifre informaci\u00f3n altamente sensible. IBM X-Force ID: 140397."
}
],
"id": "CVE-2018-1466",
"lastModified": "2024-11-21T03:59:52.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T21:29:00.713",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 21:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368."
},
{
"lang": "es",
"value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podr\u00edan permitir que un usuario autenticado acceda a archivos del sistema a los que no deber\u00eda tener acceso, algunos de los cuales podr\u00edan contener credenciales de cuenta. IBM X-Force ID: 140368."
}
],
"id": "CVE-2018-1463",
"lastModified": "2024-11-21T03:59:52.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T21:29:00.540",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 21:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566."
},
{
"lang": "es",
"value": "En los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1), web handler /DLSnap podr\u00eda permitir que un atacante no autenticado lea archivos arbitrarios del sistema. IBM X-Force ID: 139566."
}
],
"id": "CVE-2018-1438",
"lastModified": "2024-11-21T03:59:49.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T21:29:00.387",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-17 13:15
Modified
2024-11-21 05:33
Severity ?
Summary
IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/186678 | VDB Entry, Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/pages/node/6260199 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/186678 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/6260199 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | spectrum_virtualize | 8.3.1 | |
| ibm | spectrum_virtualize | 8.3.1 | |
| ibm | flashsystem_v5000_firmware | 8.3.1 | |
| ibm | flashsystem_v5000 | - | |
| ibm | flashsystem_v7200_firmware | 8.3.1 | |
| ibm | flashsystem_v7200 | - | |
| ibm | flashsystem_v9000_firmware | 8.3.1 | |
| ibm | flashsystem_v9000 | - | |
| ibm | flashsystem_v9100_firmware | 8.3.1 | |
| ibm | flashsystem_v9100 | - | |
| ibm | flashsystem_v9200_firmware | 8.3.1 | |
| ibm | flashsystem_v9200 | - | |
| ibm | san_volume_controller_firmware | 8.3.1 | |
| ibm | san_volume_controller | - | |
| ibm | storwize_v5000_firmware | 8.3.1 | |
| ibm | storwize_v5000 | - | |
| ibm | storwize_v5000e_firmware | 8.3.1 | |
| ibm | storwize_v5000e | - | |
| ibm | storwize_v5100_firmware | 8.3.1 | |
| ibm | storwize_v5100 | - | |
| ibm | storwize_v7000_firmware | 8.3.1 | |
| ibm | storwize_v7000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "257A4181-9C9A-41FA-B696-5D7E1E1EEE5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:8.3.1:*:*:*:public_cloud:*:*:*",
"matchCriteriaId": "E6CAB5CA-73E1-4CAD-9793-40A6DBC6FF81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flashsystem_v5000_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34E0B118-BB59-4AA5-8E62-DD1A96A7EDCC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flashsystem_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01CF1C5A-F06E-4B0C-99D6-A7D099DFB3C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flashsystem_v7200_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603DECB9-2DB7-454C-BDF6-A7FE16460A56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flashsystem_v7200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "642DFC1E-FA8E-4751-9875-9B157D0E2D7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flashsystem_v9000_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA16BD66-A859-43EE-B992-669C8A956FEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flashsystem_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9C13EA-8C4C-42C5-A451-611FF0904AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flashsystem_v9100_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D11841F3-5122-4955-88CC-0E7F700111E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flashsystem_v9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9885F2-D9C5-4F91-8BCE-60684AFFC789",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flashsystem_v9200_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B519DF-1F09-4F1A-8108-C6E382F1052F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flashsystem_v9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07A8B986-90FE-4AB4-B8E7-9479194FE3A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A752A0-06B6-4768-9F19-0B28F6AB3D44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A11B4-1378-44B3-B007-0ACCCB48CE67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000e_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F886288-E5BD-4B2E-8707-6FA2E56205DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "721F3BDB-9530-49E5-900C-8913029A6A79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5100_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20D8408F-769F-4D07-BE40-644DD38650F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38CF9525-1FF5-4941-8043-476FB3B50E32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C99EE10-DA45-4779-ACEA-79170920A676",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678."
},
{
"lang": "es",
"value": "IBM Spectrum Virtualize versi\u00f3n 8.3.1, podr\u00eda permitir a un usuario autenticado remoto por medio de LDAP escalar sus privilegios y realizar acciones a las que no deber\u00eda tener acceso. IBM X-Force ID: 186678."
}
],
"id": "CVE-2020-4686",
"lastModified": "2024-11-21T05:33:07.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "psirt@us.ibm.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-17T13:15:12.490",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/186678"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6260199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/186678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6260199"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 21:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395."
},
{
"lang": "es",
"value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podr\u00edan permitir que un usuario autenticado obtenga informaci\u00f3n sensible que no podr\u00eda leer por no tener la autorizaci\u00f3n para ello. IBM X-Force ID: 140395."
}
],
"id": "CVE-2018-1464",
"lastModified": "2024-11-21T03:59:52.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T21:29:00.603",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-11-13 23:29
Modified
2024-11-21 03:22
Severity ?
Summary
A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalation. IBM X-Force ID: 134531.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=ssg1S1010788 | Issue Tracking, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/101770 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | http://www.securitytracker.com/id/1039776 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/134531 | Issue Tracking, VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=ssg1S1010788 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101770 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039776 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/134531 | Issue Tracking, VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | storwize_v7000_firmware | 8.1 | |
| ibm | storwize_v7000 | - | |
| ibm | storwize_v5000_firmware | 8.1 | |
| ibm | storwize_v5000 | - | |
| ibm | flashsystem_v9000_firmware | 8.1 | |
| ibm | flashsystem_v9000 | - | |
| ibm | san_volume_controller_firmware | 8.1 | |
| ibm | san_volume_controller | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0F9CE9-D622-49F7-8D2C-4C4A7E9E6DBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "834DC12B-18ED-4D1A-869D-727A226FDD58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flashsystem_v9000_firmware:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEB7116F-7DF8-4FF5-B982-FA08604B3BCB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flashsystem_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9C13EA-8C4C-42C5-A451-611FF0904AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F6CF13-51C2-4943-9658-F72FADE4B37A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalation. IBM X-Force ID: 134531."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el Service Assistant GUI en IBM Storwize V7000 (2076) 8.1 podr\u00eda permitir que un atacante remoto realice un escalado de privilegios. IBM X-Force ID: 134531."
}
],
"id": "CVE-2017-1710",
"lastModified": "2024-11-21T03:22:14.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-13T23:29:00.370",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010788"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101770"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039776"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Issue Tracking",
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134531"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 21:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396."
},
{
"lang": "es",
"value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podr\u00edan permitir que un usuario autenticado obtenga la clave privada que podr\u00eda posibilitar la interceptaci\u00f3n de comunicaciones en la interfaz gr\u00e1fica de usuario. IBM X-Force ID: 140396."
}
],
"id": "CVE-2018-1465",
"lastModified": "2024-11-21T03:59:52.673",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T21:29:00.650",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 21:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362."
},
{
"lang": "es",
"value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. Esto podr\u00eda dar lugar a una revelaci\u00f3n de credenciales en una sesi\u00f3n de confianza. IBM X-Force ID: 140362."
}
],
"id": "CVE-2018-1461",
"lastModified": "2024-11-21T03:59:51.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T21:29:00.433",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 21:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363."
},
{
"lang": "es",
"value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podr\u00edan permitir que un usuario autenticado acceda a archivos del sistema a los que no deber\u00eda tener acceso, incluyendo la eliminaci\u00f3n de archivos o provocar una denegaci\u00f3n de servicio (DoS). IBM X-Force ID: 140363."
}
],
"id": "CVE-2018-1462",
"lastModified": "2024-11-21T03:59:52.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T21:29:00.493",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-09-25 01:55
Modified
2025-01-06 19:35
Severity ?
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
Impacted products
{
"cisaActionDue": "2022-07-28",
"cisaExploitAdd": "2022-01-28",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4DBE402-1B0A-4854-ABE5-891321454C25",
"versionEndIncluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7",
"versionEndExcluding": "4.9.12",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0",
"versionEndExcluding": "4.10.9",
"versionStartIncluding": "4.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9056776F-03F6-4C3D-8635-37D66FD16EAA",
"versionEndExcluding": "4.11.11",
"versionStartIncluding": "4.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6",
"versionEndExcluding": "4.12.9",
"versionStartIncluding": "4.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8296875A-64FA-4592-848A-A923126BD8AF",
"versionEndExcluding": "4.13.9",
"versionStartIncluding": "4.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "816A16AF-1F5E-483A-AA89-3022818FAE43",
"versionEndExcluding": "4.14.4f",
"versionStartIncluding": "4.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8421899-5D10-4C2B-88AA-3DA909FE3E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
"matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649",
"versionEndExcluding": "4.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*",
"matchCriteriaId": "F407EA72-BA1A-41A2-B699-874304A638A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*",
"matchCriteriaId": "DDA25903-B334-438B-8196-B9E5119199D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC489F35-07F1-4C3E-80B9-78F0689BC54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95CE35FC-266F-4025-A0B8-FB853C020800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6252E88C-27FF-420D-A64A-C34124CF7E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "804DFF9F-BAA8-4239-835B-6182471A224F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE496C0-35F7-44DC-B3F0-71EA3A613C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "71179893-49F2-433C-A7AC-687075F9CC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "37ECC029-3D84-4DD7-B28B-E5AD5559CF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CBED2A-B6B0-420E-BC40-160930D8662E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "29BBF1AC-F31F-4251-8054-0D89A8E6E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "D8ED0658-5F8F-48F0-A605-A2205DA27DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "C385DA76-4863-4D39-84D2-9D185D322365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6ADFB8-210D-4E46-82A2-1C8705928382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8821E5FE-319D-40AB-A515-D56C1893E6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*",
"matchCriteriaId": "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94C9C346-6DEC-4C72-9F59-BB3BEC42B551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2071DABB-7102-47F2-A15F-A6C03607D01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8661E86-E075-427F-8E05-7A33811A3A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E",
"versionEndIncluding": "1.0.0.4",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054736AF-96E0-491D-B824-CC4A35B76E14",
"versionEndIncluding": "1.1.0.4",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E476AEB-AD38-4033-8426-DC502497D75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "20981443-6A64-4852-B2CB-3299927C6F78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "59761BB8-FCC7-4D15-88A8-82076CCF196F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CF399B2E-8413-4B80-A0C0-E61E8A0A8604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "230EBA53-66AF-432B-B4C1-08D8FC903B2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*",
"matchCriteriaId": "EF102659-B067-473E-AA37-EA90A82D1864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*",
"matchCriteriaId": "81DF915D-D764-4C21-B213-0ADFD844E9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "C29A4119-A992-4713-85D6-4FDED7CD416A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*",
"matchCriteriaId": "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*",
"matchCriteriaId": "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*",
"matchCriteriaId": "F03006B7-037B-491F-A09F-DEB2FF076754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*",
"matchCriteriaId": "FE78AED4-AD60-406C-82E0-BA52701B49BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "3D0B71F0-CCED-4E23-989A-3E9E2D71307C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "5CF8FC22-C556-451C-B928-F5AF8DF4BF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "081D3B14-45F6-4F96-944B-94D967FEFA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "D922DC5A-63F6-4188-BCDE-BB987402E47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*",
"matchCriteriaId": "C2BCC22C-A32B-4945-AFBC-777DBE248FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*",
"matchCriteriaId": "92F92890-63B0-4918-A147-8852B6E2FA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "ED0B143A-5386-4375-AEB2-48619B2B1EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "E7ECA734-9E95-484F-B880-2491A0E2531B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "5D7CD9E9-033C-44B8-A68C-47AC260873E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "07B660DC-A94F-48F0-A2F4-1C39CC4751A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*",
"matchCriteriaId": "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "329C8551-98D1-4255-B598-9E75A071C186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "FD0687B7-F374-4368-AD9E-041123B23A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*",
"matchCriteriaId": "D0330E77-454E-4E77-9628-50681B748491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3863726E-15AD-4A47-85CB-0C9965E76EF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "D1F35447-889F-4CE9-9473-87046B4707EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "A3A5DFC0-BBD7-430C-A026-E1F34E08894D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*",
"matchCriteriaId": "141E8F6A-3998-4F22-A717-3F52BC998F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "F09AA197-BB55-4CF0-AC29-4449C07DE510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*",
"matchCriteriaId": "3E468E33-B183-4830-97E2-EAF9FD3758E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*",
"matchCriteriaId": "738C8F2B-3D3E-4E1F-977A-05D3A39F115D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*",
"matchCriteriaId": "1ED03E83-909B-423F-81F2-34AB7F24BBE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*",
"matchCriteriaId": "9778E8AA-A034-4B04-A42E-6A182378C7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "AEE15598-4064-4E31-86BA-7851AA4B76C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "59FE3789-FB47-4939-B9AA-86D203445526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "2F96389A-82B9-42DE-8E93-D2B2EE610F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "3131CDA5-1C4D-489C-8788-FA396F8ADB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "DCC7DF3E-658C-41D7-A4AC-433440A02092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*",
"matchCriteriaId": "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6870C1E-E4A4-4666-89DB-D72C8100D27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "BE183CA0-FFBB-4746-8BBE-5D1910DD2100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "D04B5EBF-C94C-4A44-9A7E-75623CAF832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "5723FDF4-198B-488E-B075-F528EC6E4D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "7E23A972-5BCA-4C7E-B6F9-AD54992861A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*",
"matchCriteriaId": "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*",
"matchCriteriaId": "BFE4D0FF-6445-4E14-9536-ADB32662B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "9AC763FD-C143-4CA3-9A24-D50C9ED243D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*",
"matchCriteriaId": "299C6CBE-905F-4E59-AF2F-89A1CD767916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*",
"matchCriteriaId": "78538461-1B7E-4712-AA8D-D2EA3477635B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*",
"matchCriteriaId": "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*",
"matchCriteriaId": "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*",
"matchCriteriaId": "5725106C-A650-4C24-9636-1200BD44CCA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*",
"matchCriteriaId": "F1501425-96F7-487B-9588-FDA2DAC3790A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*",
"matchCriteriaId": "48D95998-9434-4AFF-9983-0D7AC34176A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*",
"matchCriteriaId": "D60BB309-860D-4D74-B08F-F94AFE84C881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*",
"matchCriteriaId": "F63E864E-6323-41B4-956F-51F9364DFAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "EC724282-7431-465E-8E60-4037121B8838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "73151221-C102-4425-9316-1EE4CAAB6531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*",
"matchCriteriaId": "D1E9DDCD-6D22-4175-94EF-D8A5457E7355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*",
"matchCriteriaId": "35AB906F-43CD-4D54-8274-1FD551532E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*",
"matchCriteriaId": "1ADC75F0-B27E-4B15-B829-482FBA0063A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*",
"matchCriteriaId": "D015D670-8AEA-49A3-8D22-9E3009322EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*",
"matchCriteriaId": "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*",
"matchCriteriaId": "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*",
"matchCriteriaId": "28CE650B-BE03-4EDF-BE27-2FA6657F7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "2356A4E6-561B-40CA-8348-B30D581B1E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "74509F3F-840E-48B8-88B1-EA4FFB90ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "BE7BD528-628F-4CA9-9FE8-8A79BDC97680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*",
"matchCriteriaId": "26118C2B-78CC-4038-9DEA-7A9417029790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "4F445D93-D482-4A74-810D-66D78CBCAFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*",
"matchCriteriaId": "2C9F200C-ECC9-4D51-AFE7-E99C16D09148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*",
"matchCriteriaId": "56B87CB5-0F77-4040-BB58-9DBF5723A4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B3321B-11AD-43EB-867C-FA4FA6A5421E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4975223D-9E31-4CEC-A4B6-C0996828B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C15C820B-4778-4B8F-8BD8-E996F1D4062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A42E70EE-2E23-4D92-ADE0-9177B9EDD430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "01C91446-4A36-4FCE-A973-3E6F813FABC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "58281E62-E350-4B0D-9322-8BA1E1773CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "BF1A152E-5795-4319-BD4D-855DE19C744C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "438FCE7F-035A-4D89-96FE-EE5278C85493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*",
"matchCriteriaId": "80900F2C-7CFA-4C40-A6B5-51E12C3DA187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*",
"matchCriteriaId": "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*",
"matchCriteriaId": "33F900E6-AE47-4789-A337-70C6BEF22895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*",
"matchCriteriaId": "AD2E5054-2151-414D-A88F-6697FF280D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "3EB09361-372E-4F51-B255-C7D2DB41969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "A36D6991-3728-4F60-A443-37652DFAA053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*",
"matchCriteriaId": "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*",
"matchCriteriaId": "63C0F7CA-5F3C-41D4-AAD6-084643115D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*",
"matchCriteriaId": "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*",
"matchCriteriaId": "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*",
"matchCriteriaId": "45CD14D8-665A-46C5-8387-33FF266822A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*",
"matchCriteriaId": "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*",
"matchCriteriaId": "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*",
"matchCriteriaId": "6A846C69-CA94-4F5E-9E02-69EA6680549E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "7AAEE176-631A-41B9-BC40-93F866DA9D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*",
"matchCriteriaId": "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "9388D932-9818-4A68-9543-B0643166DB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "770A9287-C910-4690-9402-0C0B7BAC8912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*",
"matchCriteriaId": "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*",
"matchCriteriaId": "B503F1F7-F439-420D-B465-9A51CCECAB06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27948B08-C452-41FB-B41F-6ADB3AAE087E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7F2743-71BB-4011-B919-7E8032B6B72F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*",
"matchCriteriaId": "3738FAC6-B90B-4014-9E86-17ED6D19D23D",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*",
"matchCriteriaId": "35B6634E-4F09-423C-87E7-59D4127CC023",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*",
"matchCriteriaId": "0A7A7100-A1DA-4191-A4C1-D930829A3DC2",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83739ED7-37F1-4712-8C81-E56F58790240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CDD227E-1F98-4F73-BB65-3820F39127F0",
"versionEndIncluding": "3.1.0.7",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB18F38-AC6A-406A-A4DD-40688B803744",
"versionEndExcluding": "1.4.3.5",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB",
"versionEndExcluding": "1.5.0.4",
"versionStartIncluding": "1.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4EF774-BD92-444D-9583-25DB97CDA4F3",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB9850A-3308-4277-A68C-AD418612101E",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84D7A48-6745-49D3-AE52-31DD7EEC0D61",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A1A3A3E-5636-4422-9B7B-B3D97989E674",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7384B993-049F-48D7-86D6-FE221C783245",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DF6129-9CEA-4812-800F-A6FD5095D60E",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79788A89-4152-4B4B-BFF0-518D90EE4D2B",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "680738C5-63D5-4F60-9610-FD0D87FCBBCA",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "872E2102-6BE6-42B6-93B0-942B7DABCBDA",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E31991-DF33-4F00-8430-7B626E8174CE",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E25BB0-6F5A-4A7B-9147-D4E17014C747",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B80C1675-4948-45DC-B593-EDB1354E42F3",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDEC166F-A967-4616-B9EF-503054EFD197",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713E71BC-16F5-41E3-9816-74D5E8D8C9A9",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2487E0-046C-476F-BFF4-EF77D9E856D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0287F3CD-2151-491D-8BC3-6D3921BE8FFA",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4179899-87B4-42C3-8245-9A34EC04F6A1",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CED766-9742-4037-8005-F0BDDE9176DD",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41EEAEC-08AE-4478-8977-5A4D7B48C175",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "298C961D-5E5F-4277-B192-A4C29243BECC",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0663FBC-01C0-4AD8-A0B8-6097E537D352",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE145DE3-3C9B-4949-B6D4-9B259372CCE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABC25E5-76CD-469B-879A-B1F7109D0181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*",
"matchCriteriaId": "98942F6C-330F-459A-B2B4-72572DB4070E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0BAB94-6521-4B57-9E56-A57BA5E20C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A7788E5-93B9-4149-8823-2ACBA5CF17E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*",
"matchCriteriaId": "B41B4ECD-6F30-46F5-A559-1CEFC7964873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*",
"matchCriteriaId": "D42ADCD9-1455-401C-B94F-D367A78A2B97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2853A787-E5F1-4455-9482-7C538B80556C",
"versionEndExcluding": "r77.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AEB1FC5-1179-4DE9-99A2-D650167A7A60",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1343FBDC-4BF0-403B-B257-96672F092263",
"versionEndIncluding": "4.0.5",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7C138527-73D3-4AEE-BFAB-1D240A585A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2EB3D6-EF4C-4241-A31E-3990664004A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1168D2-93D5-4415-A666-B4BE0B2AC201",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48A2FBA9-207F-4F16-932D-BF0BA3440503",
"versionEndIncluding": "6.4.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6AC80F-9D91-468D-BEE3-6A0759723673",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680",
"versionEndExcluding": "9.3.67.5r1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "665EF643-3CDC-4518-9693-0D49F0870283",
"versionEndExcluding": "10.1.129.11r1",
"versionStartIncluding": "10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE3CC45-49E5-40DE-B5C3-52A754A9C599",
"versionEndExcluding": "10.5.52.11r1",
"versionStartIncluding": "10.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8968E39A-1E16-4B7F-A16A-190EBC20D04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "864B5480-704F-4636-A938-7D95AD4223AD",
"versionEndExcluding": "10.10.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35D34345-0AD1-499C-9A74-982B2D3F305A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FECF06B5-3915-48F0-A140-41C7A27EE99D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*",
"matchCriteriaId": "BBD8B161-0A07-492F-89E4-7A0BD02F6464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*",
"matchCriteriaId": "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "29DF8DD7-B5CC-4152-A726-1D48459068D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*",
"matchCriteriaId": "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
},
{
"lang": "es",
"value": "GNU Bash hasta 4.3 bash43-025 procesa cadenas finales despu\u00e9s de la definici\u00f3n malformada de funciones en los valores de variables de entorno, lo que permite a atacantes remotos escribir hacia ficheros o posiblemente tener otro impacto desconocido a trav\u00e9s de un entorno manipulado, tal y como se ha demostrado por vectores que involucran la caracter\u00edstica ForceCommand en sshd OpenSSH, los m\u00f3dulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en la cual establecer el entorno ocurre a trav\u00e9s de un l\u00edmite privilegiado de la ejecuci\u00f3n de Bash. Nota: Esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2014-6271."
}
],
"id": "CVE-2014-7169",
"lastModified": "2025-01-06T19:35:05.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-09-25T01:55:04.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/58200"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59272"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59737"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59907"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60024"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60034"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60044"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60055"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60063"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60193"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60325"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60433"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60947"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61065"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61128"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61129"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61188"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61283"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61287"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61291"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61312"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61313"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61328"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61442"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61471"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61479"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61485"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61503"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61550"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61552"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61565"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61603"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61618"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61619"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61622"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61626"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61633"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61641"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61643"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61654"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61676"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61700"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61703"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61711"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61715"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61780"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61816"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61855"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61857"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61873"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62228"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62312"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62343"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/58200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/shellshock/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 21:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
"versionEndExcluding": "7.5.0.14",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
"versionEndExcluding": "7.7.1.9",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
"versionEndExcluding": "7.8.1.6",
"versionStartIncluding": "7.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
"versionEndExcluding": "8.1.1.2",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
"versionEndExcluding": "8.1.2.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473."
},
{
"lang": "es",
"value": "En los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1), web handler /DownloadFile no requiere autenticaci\u00f3n para leer archivos arbitrarios del sistema. IBM X-Force ID: 139473."
}
],
"id": "CVE-2018-1433",
"lastModified": "2024-11-21T03:59:48.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T21:29:00.243",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2018-1438
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-08-05 03:59
Severity ?
EPSS score ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/139566 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-storwize-cve20181438-info-disc(139566)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-storwize-cve20181438-info-disc(139566)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2018-1438",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-storwize-cve20181438-info-disc(139566)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1438",
"datePublished": "2018-05-17T21:00:00",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-08-05T03:59:39.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-6271
Vulnerability from cvelistv5
Published
2014-09-24 18:00
Modified
2024-08-06 12:10
Severity ?
EPSS score ?
Summary
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:10:13.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37816",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"name": "SUSE-SU-2014:1223",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "HPSBMU03165",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "SSRT101816",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "39918",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"name": "HPSBHF03119",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"name": "RHSA-2014:1295",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"name": "openSUSE-SU-2014:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "HPSBST03196",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "61188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61188"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "JVN#55667175",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61676"
},
{
"name": "40619",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"name": "openSUSE-SU-2014:1254",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60433"
},
{
"name": "38849",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"name": "HPSBMU03143",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "SUSE-SU-2014:1260",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"name": "HPSBST03155",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61715"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "USN-2362-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61654"
},
{
"name": "61542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61542"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61703"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61065"
},
{
"name": "SUSE-SU-2014:1213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"name": "HPSBST03129",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "70103",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70103"
},
{
"name": "JVNDB-2014-000126",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "SUSE-SU-2014:1212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"name": "61641",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61641"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"name": "SUSE-SU-2014:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "RHSA-2014:1293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "openSUSE-SU-2014:1238",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"name": "HPSBMU03220",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60024"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62343"
},
{
"name": "61565",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61565"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61485"
},
{
"name": "60947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60947"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"name": "HPSBST03265",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"name": "60063",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60063"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"name": "60034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61643"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61503"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "40938",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"name": "HPSBGN03117",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "61547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61547"
},
{
"name": "HPSBHF03145",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61780"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"name": "DSA-3032",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61291"
},
{
"name": "RHSA-2014:1294",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"name": "HPSBHF03125",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"name": "61128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61128"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61633"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "61328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61328"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "42938",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"name": "61129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-05T16:37:05",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "37816",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"name": "SUSE-SU-2014:1223",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "HPSBMU03165",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "SSRT101816",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "39918",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"name": "HPSBHF03119",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"name": "RHSA-2014:1295",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"name": "openSUSE-SU-2014:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "HPSBST03196",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "61188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61188"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "JVN#55667175",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61676"
},
{
"name": "40619",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"name": "openSUSE-SU-2014:1254",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60433"
},
{
"name": "38849",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"name": "HPSBMU03143",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "SUSE-SU-2014:1260",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"name": "HPSBST03155",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61715"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "USN-2362-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61654"
},
{
"name": "61542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61542"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61703"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61065"
},
{
"name": "SUSE-SU-2014:1213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"name": "HPSBST03129",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "70103",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70103"
},
{
"name": "JVNDB-2014-000126",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "SUSE-SU-2014:1212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"name": "61641",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61641"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"name": "SUSE-SU-2014:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "RHSA-2014:1293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "openSUSE-SU-2014:1238",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"name": "HPSBMU03220",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60024"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62343"
},
{
"name": "61565",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61565"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61485"
},
{
"name": "60947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60947"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"name": "HPSBST03265",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"name": "60063",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60063"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"name": "60034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61643"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61503"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "40938",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"name": "HPSBGN03117",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "61547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61547"
},
{
"name": "HPSBHF03145",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61780"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"name": "DSA-3032",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61291"
},
{
"name": "RHSA-2014:1294",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"name": "HPSBHF03125",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"name": "61128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61128"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61633"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "61328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61328"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "42938",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"name": "61129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-6271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37816",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"name": "SUSE-SU-2014:1223",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "HPSBMU03165",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "SSRT101816",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "39918",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"name": "HPSBHF03119",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"name": "RHSA-2014:1295",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"name": "openSUSE-SU-2014:1226",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"name": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/",
"refsource": "CONFIRM",
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
"refsource": "CONFIRM",
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "HPSBST03196",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "61188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61188"
},
{
"name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "JVN#55667175",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61676"
},
{
"name": "40619",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"name": "openSUSE-SU-2014:1254",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60433"
},
{
"name": "38849",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"name": "HPSBMU03143",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "SUSE-SU-2014:1260",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"name": "HPSBST03155",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61715"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "USN-2362-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61654"
},
{
"name": "61542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61542"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015701",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "SSRT101868",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61703"
},
{
"name": "http://support.apple.com/kb/HT6495",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61065"
},
{
"name": "SUSE-SU-2014:1213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"name": "HPSBST03129",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "70103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70103"
},
{
"name": "JVNDB-2014-000126",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "SUSE-SU-2014:1212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"name": "61641",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61641"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"name": "https://access.redhat.com/node/1200223",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/node/1200223"
},
{
"name": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"name": "SUSE-SU-2014:1287",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "RHSA-2014:1293",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "openSUSE-SU-2014:1238",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"name": "HPSBMU03220",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60325"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60024"
},
{
"name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"name": "https://access.redhat.com/articles/1200223",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62343"
},
{
"name": "61565",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61565"
},
{
"name": "https://www.suse.com/support/shellshock/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61485"
},
{
"name": "60947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60947"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"name": "https://support.apple.com/kb/HT6535",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"name": "HPSBST03265",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60193"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1294.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"name": "60063",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60063"
},
{
"name": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"name": "60034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
"refsource": "MISC",
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61643"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015721",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61503"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "40938",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"name": "HPSBGN03117",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"name": "http://support.novell.com/security/cve/CVE-2014-6271.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "61547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61547"
},
{
"name": "HPSBHF03145",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
"refsource": "CONFIRM",
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61780"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"name": "https://support.citrix.com/article/CTX200223",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX200223"
},
{
"name": "DSA-3032",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61291"
},
{
"name": "RHSA-2014:1294",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"name": "HPSBHF03125",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"name": "SSRT101739",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0388.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"name": "61128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61128"
},
{
"name": "https://support.citrix.com/article/CTX200217",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61633"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1293.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "61328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61328"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "42938",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"name": "61129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61603",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61857"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"name": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2014-6271",
"datePublished": "2014-09-24T18:00:00",
"dateReserved": "2014-09-09T00:00:00",
"dateUpdated": "2024-08-06T12:10:13.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-1710
Vulnerability from cvelistv5
Published
2017-11-13 23:00
Modified
2024-09-17 01:25
Severity ?
EPSS score ?
Summary
A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalation. IBM X-Force ID: 134531.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/docview.wss?uid=ssg1S1010788 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1039776 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/134531 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/101770 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | IBM | Storwize V7000 (2076) |
Version: 8.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:39:31.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010788"
},
{
"name": "1039776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039776"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134531"
},
{
"name": "101770",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101770"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.1"
}
]
}
],
"datePublic": "2017-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalation. IBM X-Force ID: 134531."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-15T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010788"
},
{
"name": "1039776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039776"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134531"
},
{
"name": "101770",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101770"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-11-08T00:00:00",
"ID": "CVE-2017-1710",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "8.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalation. IBM X-Force ID: 134531."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010788",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010788"
},
{
"name": "1039776",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039776"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134531",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134531"
},
{
"name": "101770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101770"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1710",
"datePublished": "2017-11-13T23:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-17T01:25:35.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1461
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-09-16 20:27
Severity ?
EPSS score ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/140362 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | Spectrum Virtualize Software |
Version: 7.5 Version: 7.6 Version: 7.6.1 Version: 7.7 Version: 7.7.1 Version: 7.8 Version: 7.8.1 Version: 8.1 Version: 6.1 Version: 6.2 Version: 6.3 Version: 6.4 Version: 7.1 Version: 7.2 Version: 7.3 Version: 7.4 Version: 8.1.1 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-storwize-cve20181461-xss(140362)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spectrum Virtualize Software",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V5000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3500",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3700",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "FlashSystem V9000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "SAN Volume Controller",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
}
]
},
{
"product": "Spectrum Virtualize for Public Cloud",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-storwize-cve20181461-xss(140362)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-05-14T00:00:00",
"ID": "CVE-2018-1461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spectrum Virtualize Software",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V5000",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3500",
"version": {
"version_data": [
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "1.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3700",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "6.4"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "FlashSystem V9000",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "SAN Volume Controller",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize for Public Cloud",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-storwize-cve20181461-xss(140362)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1461",
"datePublished": "2018-05-17T21:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-16T20:27:43.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1462
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-09-17 01:51
Severity ?
EPSS score ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/140363 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | Storwize V3700 |
Version: 7.1 Version: 6.4 Version: 7.5 Version: 7.6 Version: 7.6.1 Version: 7.7 Version: 7.7.1 Version: 7.8 Version: 7.8.1 Version: 8.1 Version: 6.1 Version: 6.2 Version: 6.3 Version: 7.2 Version: 7.3 Version: 7.4 Version: 8.1.1 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-storwize-cve20181462-dos(140363)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Storwize V3700",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize Software",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "SAN Volume Controller",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
}
]
},
{
"product": "Storwize V5000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "FlashSystem V9000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3500",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize for Public Cloud",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-storwize-cve20181462-dos(140363)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-05-14T00:00:00",
"ID": "CVE-2018-1462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Storwize V3700",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "6.4"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize Software",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "SAN Volume Controller",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
}
]
}
},
{
"product_name": "Storwize V5000",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "1.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "FlashSystem V9000",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3500",
"version": {
"version_data": [
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize for Public Cloud",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-storwize-cve20181462-dos(140363)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1462",
"datePublished": "2018-05-17T21:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-17T01:51:33.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1464
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-09-16 20:17
Severity ?
EPSS score ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/140395 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | Storwize V5000 |
Version: 7.1 Version: 7.5 Version: 7.6 Version: 7.6.1 Version: 7.7 Version: 7.7.1 Version: 7.8 Version: 7.8.1 Version: 8.1 Version: 6.1 Version: 6.2 Version: 6.3 Version: 6.4 Version: 7.2 Version: 7.3 Version: 7.4 Version: 8.1.1 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-storwize-cve20181464-info-disc(140395)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Storwize V5000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize Software",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3500",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3700",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize for Public Cloud",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "SAN Volume Controller",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
}
]
},
{
"product": "FlashSystem V9000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-storwize-cve20181464-info-disc(140395)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-05-14T00:00:00",
"ID": "CVE-2018-1464",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Storwize V5000",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize Software",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3500",
"version": {
"version_data": [
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "1.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3700",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "6.4"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize for Public Cloud",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "SAN Volume Controller",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
}
]
}
},
{
"product_name": "FlashSystem V9000",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-storwize-cve20181464-info-disc(140395)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1464",
"datePublished": "2018-05-17T21:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-16T20:17:34.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1465
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-09-16 18:14
Severity ?
EPSS score ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/140396 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | Storwize V3500 |
Version: 6.4 Version: 7.1 Version: 7.5 Version: 7.6 Version: 7.6.1 Version: 7.7 Version: 7.7.1 Version: 7.8 Version: 7.8.1 Version: 8.1 Version: 6.1 Version: 6.2 Version: 6.3 Version: 7.2 Version: 7.3 Version: 7.4 Version: 8.1.1 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "ibm-storwize-cve20181465-info-disc(140396)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Storwize V3500",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "SAN Volume Controller",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
}
]
},
{
"product": "Spectrum Virtualize Software",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize for Public Cloud",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "FlashSystem V9000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V5000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3700",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "ibm-storwize-cve20181465-info-disc(140396)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-05-14T00:00:00",
"ID": "CVE-2018-1465",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Storwize V3500",
"version": {
"version_data": [
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "SAN Volume Controller",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize Software",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize for Public Cloud",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "1.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "FlashSystem V9000",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V5000",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3700",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "6.4"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "ibm-storwize-cve20181465-info-disc(140396)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1465",
"datePublished": "2018-05-17T21:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-16T18:14:09.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1433
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-08-05 03:59
Severity ?
EPSS score ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/139473 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-storwize-cve20181433-file-download(139473)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-storwize-cve20181433-file-download(139473)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2018-1433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-storwize-cve20181433-file-download(139473)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1433",
"datePublished": "2018-05-17T21:00:00",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-08-05T03:59:39.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-5638
Vulnerability from cvelistv5
Published
2017-03-11 02:11
Modified
2024-08-05 15:04
Severity ?
EPSS score ?
Summary
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Apache Software Foundation | Apache Struts |
Version: 2.3.x before 2.3.32 Version: 2.5.x before 2.5.10.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:04:15.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
},
{
"name": "41570",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://exploit-db.com/exploits/41570"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rapid7/metasploit-framework/issues/8064"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://struts.apache.org/docs/s2-046.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
},
{
"name": "VU#834067",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/834067"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://isc.sans.edu/diary/22169"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://struts.apache.org/docs/s2-045.html"
},
{
"name": "1037973",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037973"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
},
{
"name": "96729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96729"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/theog150/status/841146956135124993"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mazen160/struts-pwn"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len-14200"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
},
{
"name": "41614",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41614/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
},
{
"name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"
},
{
"name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
},
{
"name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Struts",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "2.3.x before 2.3.32"
},
{
"status": "affected",
"version": "2.5.x before 2.5.10.1"
}
]
}
],
"datePublic": "2017-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T03:06:34",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
},
{
"name": "41570",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://exploit-db.com/exploits/41570"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rapid7/metasploit-framework/issues/8064"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://struts.apache.org/docs/s2-046.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
},
{
"name": "VU#834067",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/834067"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://isc.sans.edu/diary/22169"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://struts.apache.org/docs/s2-045.html"
},
{
"name": "1037973",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037973"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
},
{
"name": "96729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96729"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/theog150/status/841146956135124993"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mazen160/struts-pwn"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len-14200"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
},
{
"name": "41614",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41614/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
},
{
"name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"
},
{
"name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
},
{
"name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-5638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Struts",
"version": {
"version_data": [
{
"version_value": "2.3.x before 2.3.32"
},
{
"version_value": "2.5.x before 2.5.10.1"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html",
"refsource": "MISC",
"url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
},
{
"name": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/",
"refsource": "MISC",
"url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
},
{
"name": "41570",
"refsource": "EXPLOIT-DB",
"url": "https://exploit-db.com/exploits/41570"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170310-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
},
{
"name": "https://github.com/rapid7/metasploit-framework/issues/8064",
"refsource": "MISC",
"url": "https://github.com/rapid7/metasploit-framework/issues/8064"
},
{
"name": "https://struts.apache.org/docs/s2-046.html",
"refsource": "CONFIRM",
"url": "https://struts.apache.org/docs/s2-046.html"
},
{
"name": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html",
"refsource": "MISC",
"url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
},
{
"name": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/",
"refsource": "MISC",
"url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
},
{
"name": "VU#834067",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/834067"
},
{
"name": "https://isc.sans.edu/diary/22169",
"refsource": "MISC",
"url": "https://isc.sans.edu/diary/22169"
},
{
"name": "https://struts.apache.org/docs/s2-045.html",
"refsource": "CONFIRM",
"url": "https://struts.apache.org/docs/s2-045.html"
},
{
"name": "1037973",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037973"
},
{
"name": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html",
"refsource": "MISC",
"url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
},
{
"name": "96729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96729"
},
{
"name": "https://twitter.com/theog150/status/841146956135124993",
"refsource": "MISC",
"url": "https://twitter.com/theog150/status/841146956135124993"
},
{
"name": "https://github.com/mazen160/struts-pwn",
"refsource": "MISC",
"url": "https://github.com/mazen160/struts-pwn"
},
{
"name": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
},
{
"name": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len-14200",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len-14200"
},
{
"name": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a",
"refsource": "CONFIRM",
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
},
{
"name": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228",
"refsource": "CONFIRM",
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228"
},
{
"name": "https://cwiki.apache.org/confluence/display/WW/S2-045",
"refsource": "CONFIRM",
"url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
},
{
"name": "41614",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41614/"
},
{
"name": "https://cwiki.apache.org/confluence/display/WW/S2-046",
"refsource": "CONFIRM",
"url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
},
{
"name": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/",
"refsource": "MISC",
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
},
{
"name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"
},
{
"name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"
},
{
"name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-5638",
"datePublished": "2017-03-11T02:11:00",
"dateReserved": "2017-01-29T00:00:00",
"dateUpdated": "2024-08-05T15:04:15.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-4686
Vulnerability from cvelistv5
Published
2020-08-17 12:35
Modified
2024-09-16 16:58
Severity ?
EPSS score ?
Summary
IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6260199 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/186678 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | IBM | SAN Volume Controller and Storwize Family |
Version: 8.3.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:14:58.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6260199"
},
{
"name": "ibm-spectrum-cve20204686-priv-escalation (186678)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/186678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAN Volume Controller and Storwize Family",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.3.1"
}
]
}
],
"datePublic": "2020-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/C:H/AV:N/PR:L/UI:N/I:H/S:U/AC:H/A:N/RL:O/E:U/RC:C",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-17T12:35:12",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6260199"
},
{
"name": "ibm-spectrum-cve20204686-priv-escalation (186678)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/186678"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-08-14T00:00:00",
"ID": "CVE-2020-4686",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAN Volume Controller and Storwize Family",
"version": {
"version_data": [
{
"version_value": "8.3.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "H",
"AV": "N",
"C": "H",
"I": "H",
"PR": "L",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6260199",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6260199 (SAN Volume Controller and Storwize Family)",
"url": "https://www.ibm.com/support/pages/node/6260199"
},
{
"name": "ibm-spectrum-cve20204686-priv-escalation (186678)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/186678"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2020-4686",
"datePublished": "2020-08-17T12:35:12.569271Z",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-09-16T16:58:32.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1434
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-09-17 02:11
Severity ?
EPSS score ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/139474 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | FlashSystem V9000 |
Version: 7.5 Version: 7.6 Version: 7.6.1 Version: 7.7 Version: 7.7.1 Version: 7.8 Version: 7.8.1 Version: 8.1 Version: 6.1 Version: 6.2 Version: 6.3 Version: 6.4 Version: 7.1 Version: 7.2 Version: 7.3 Version: 7.4 Version: 8.1.1 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "ibm-storwize-cve20181434-csrf(139474)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FlashSystem V9000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3700",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V5000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize Software",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "SAN Volume Controller",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
}
]
},
{
"product": "Spectrum Virtualize for Public Cloud",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3500",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "ibm-storwize-cve20181434-csrf(139474)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-05-14T00:00:00",
"ID": "CVE-2018-1434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FlashSystem V9000",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3700",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "6.4"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V5000",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize Software",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "SAN Volume Controller",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize for Public Cloud",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "1.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3500",
"version": {
"version_data": [
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "ibm-storwize-cve20181434-csrf(139474)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1434",
"datePublished": "2018-05-17T21:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-17T02:11:40.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1463
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-09-16 16:52
Severity ?
EPSS score ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/140368 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | Storwize V5000 |
Version: 7.1 Version: 7.5 Version: 7.6 Version: 7.6.1 Version: 7.7 Version: 7.7.1 Version: 7.8 Version: 7.8.1 Version: 8.1 Version: 6.1 Version: 6.2 Version: 6.3 Version: 6.4 Version: 7.2 Version: 7.3 Version: 7.4 Version: 8.1.1 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "ibm-storwize-cve20181463-info-disc(140368)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Storwize V5000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize Software",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3700",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize for Public Cloud",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "SAN Volume Controller",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
}
]
},
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3500",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "FlashSystem V9000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "ibm-storwize-cve20181463-info-disc(140368)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-05-14T00:00:00",
"ID": "CVE-2018-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Storwize V5000",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize Software",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3700",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "6.4"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize for Public Cloud",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "SAN Volume Controller",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
}
]
}
},
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "1.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3500",
"version": {
"version_data": [
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "FlashSystem V9000",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "ibm-storwize-cve20181463-info-disc(140368)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1463",
"datePublished": "2018-05-17T21:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-16T16:52:50.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1466
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-09-16 17:03
Severity ?
EPSS score ?
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/140397 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | SAN Volume Controller |
Version: 6.1 Version: 6.2 Version: 6.3 Version: 6.4 Version: 7.1 Version: 7.5 Version: 7.6 Version: 7.6.1 Version: 7.7 Version: 7.7.1 Version: 7.8 Version: 7.8.1 Version: 8.1 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-storwize-cve20181466-info-disc(140397)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAN Volume Controller",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
}
]
},
{
"product": "Storwize V5000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize Software",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3700",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3500",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "FlashSystem V9000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize for Public Cloud",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-storwize-cve20181466-info-disc(140397)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-05-14T00:00:00",
"ID": "CVE-2018-1466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAN Volume Controller",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
}
]
}
},
{
"product_name": "Storwize V5000",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize Software",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "1.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3700",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "6.4"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3500",
"version": {
"version_data": [
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "FlashSystem V9000",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize for Public Cloud",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-storwize-cve20181466-info-disc(140397)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1466",
"datePublished": "2018-05-17T21:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-16T17:03:03.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-7169
Vulnerability from cvelistv5
Published
2014-09-25 01:00
Modified
2024-08-06 12:40
Severity ?
EPSS score ?
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"name": "HPSBMU03165",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "HPSBHF03119",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "openSUSE-SU-2014:1229",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "61188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61188"
},
{
"name": "JVN#55667175",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61676"
},
{
"name": "openSUSE-SU-2014:1254",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60433"
},
{
"name": "HPSBMU03143",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"name": "RHSA-2014:1306",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"name": "HPSBST03155",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61715"
},
{
"name": "USN-2363-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61654"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "RHSA-2014:1312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "USN-2363-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61703"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"name": "HPSBST03129",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "JVNDB-2014-000126",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "61641",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61641"
},
{
"name": "SUSE-SU-2014:1247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"name": "SUSE-SU-2014:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "61619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61619"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "HPSBMU03220",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60024"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"name": "61622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61622"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62343"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"name": "61565",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61565"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61485"
},
{
"name": "openSUSE-SU-2014:1242",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"name": "61618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61618"
},
{
"name": "60947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60947"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"name": "61479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61479"
},
{
"name": "60063",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60063"
},
{
"name": "60034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61643"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61503"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "HPSBGN03117",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "HPSBHF03145",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61780"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61291"
},
{
"name": "HPSBHF03125",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"name": "RHSA-2014:1311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"name": "61128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61128"
},
{
"name": "DSA-3035",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61633"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "SUSE-SU-2014:1259",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"name": "61328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61328"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "61129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61626"
},
{
"name": "61603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-05T16:41:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"name": "HPSBMU03165",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "HPSBHF03119",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "openSUSE-SU-2014:1229",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "61188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61188"
},
{
"name": "JVN#55667175",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61676"
},
{
"name": "openSUSE-SU-2014:1254",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60433"
},
{
"name": "HPSBMU03143",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"name": "RHSA-2014:1306",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"name": "HPSBST03155",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61715"
},
{
"name": "USN-2363-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61654"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "RHSA-2014:1312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "USN-2363-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61703"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"name": "HPSBST03129",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "JVNDB-2014-000126",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "61641",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61641"
},
{
"name": "SUSE-SU-2014:1247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"name": "SUSE-SU-2014:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "61619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61619"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "HPSBMU03220",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60024"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"name": "61622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61622"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62343"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"name": "61565",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61565"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61485"
},
{
"name": "openSUSE-SU-2014:1242",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"name": "61618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61618"
},
{
"name": "60947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60947"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"name": "61479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61479"
},
{
"name": "60063",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60063"
},
{
"name": "60034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61643"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61503"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "HPSBGN03117",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "HPSBHF03145",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61780"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61291"
},
{
"name": "HPSBHF03125",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"name": "RHSA-2014:1311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"name": "61128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61128"
},
{
"name": "DSA-3035",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61633"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "SUSE-SU-2014:1259",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"name": "61328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61328"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "61129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61626"
},
{
"name": "61603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7169",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"name": "HPSBMU03165",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "HPSBHF03119",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
"refsource": "CONFIRM",
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "openSUSE-SU-2014:1229",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "61188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61188"
},
{
"name": "JVN#55667175",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61676"
},
{
"name": "openSUSE-SU-2014:1254",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60433"
},
{
"name": "HPSBMU03143",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"name": "RHSA-2014:1306",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"name": "HPSBST03155",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61715"
},
{
"name": "USN-2363-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61654"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015701",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "RHSA-2014:1312",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "USN-2363-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"name": "SSRT101868",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61703"
},
{
"name": "http://support.apple.com/kb/HT6495",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61065"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3075.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"name": "HPSBST03129",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"name": "http://support.novell.com/security/cve/CVE-2014-7169.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "JVNDB-2014-000126",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "61641",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61641"
},
{
"name": "SUSE-SU-2014:1247",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"name": "https://access.redhat.com/node/1200223",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/node/1200223"
},
{
"name": "SUSE-SU-2014:1287",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "61619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61619"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3078.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "HPSBMU03220",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60325"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60024"
},
{
"name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"name": "61622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61622"
},
{
"name": "https://access.redhat.com/articles/1200223",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62343"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0393.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"name": "61565",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61565"
},
{
"name": "https://www.suse.com/support/shellshock/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61485"
},
{
"name": "openSUSE-SU-2014:1242",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"name": "61618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61618"
},
{
"name": "60947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60947"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"name": "https://support.apple.com/kb/HT6535",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60193"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"name": "61479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61479"
},
{
"name": "60063",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60063"
},
{
"name": "60034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
"refsource": "MISC",
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61643"
},
{
"name": "http://twitter.com/taviso/statuses/514887394294652929",
"refsource": "MISC",
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015721",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61503"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "HPSBGN03117",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "HPSBHF03145",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
"refsource": "CONFIRM",
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61780"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"name": "https://support.citrix.com/article/CTX200223",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX200223"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3077.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61291"
},
{
"name": "HPSBHF03125",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101739",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"name": "RHSA-2014:1311",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"name": "61128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61128"
},
{
"name": "DSA-3035",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"name": "https://support.citrix.com/article/CTX200217",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61633"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1306.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "SUSE-SU-2014:1259",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"name": "61328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61328"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "61129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61626",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61626"
},
{
"name": "61603",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61857"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7169",
"datePublished": "2014-09-25T01:00:00",
"dateReserved": "2014-09-24T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}