Vulnerabilites related to redhat - virtualization_manager
Vulnerability from fkie_nvd
Published
2017-05-23 17:29
Modified
2024-11-21 03:35
Severity ?
Summary
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openvswitch | openvswitch | 2.7.0 | |
| debian | debian_linux | 9.0 | |
| redhat | openstack | 6.0 | |
| redhat | openstack | 7.0 | |
| redhat | openstack | 8 | |
| redhat | openstack | 9 | |
| redhat | openstack | 10 | |
| redhat | openstack | 11 | |
| redhat | virtualization | 4.1 | |
| redhat | virtualization_manager | 4.1 | |
| redhat | virtualization | 4.0 | |
| redhat | enterprise_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openvswitch:openvswitch:2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "C3C92CDE-F125-490D-9B70-AEAAA6947352", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*", matchCriteriaId: "31EC146C-A6F6-4C0D-AF87-685286262DAA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*", matchCriteriaId: "9DAA72A4-AC7D-4544-89D4-5B07961D5A95", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*", matchCriteriaId: "E8B8C725-34CF-4340-BE7B-37E58CF706D6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", matchCriteriaId: "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*", matchCriteriaId: "4E9AF77C-5D49-4842-9817-AD710A919073", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*", matchCriteriaId: "03EB0F63-DB24-4240-BC44-C92BAE7EAF42", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "AF786B57-02C3-48B7-B902-318356B3A3B6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.", }, { lang: "es", value: "En Open vSwitch (OvS) versión 2.7.0, mientras analiza un mensaje OFPT_QUEUE_GET_CONFIG_REPLY tipo OFP versión 1.0, se presenta una lectura excesiva búfer causada por un desbordamiento de enteros sin signo en la función “ofputil_pull_queue_get_config_reply10” en la biblioteca “lib/ofp-util.c”.", }, ], id: "CVE-2017-9214", lastModified: "2024-11-21T03:35:36.157", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-05-23T17:29:00.257", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2418", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2553", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2648", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2665", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2692", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2698", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2727", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2418", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2553", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2648", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2665", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2692", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2698", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2727", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-191", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-14 19:15
Modified
2024-11-21 04:20
Severity ?
Summary
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:slackware:slackware:14.2:*:*:*:*:*:*:*", matchCriteriaId: "92A1C406-4737-463F-BB57-FAC6C8D2F2E5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:apollo_4200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3CEC11E-34BC-48D3-8CA4-BC5C2E4D9BBC", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:apollo_4200:gen10:*:*:*:*:*:*:*", matchCriteriaId: "28CD6A70-DC5A-453B-9551-D79A130380E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:apollo_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F402DDC-BAAC-4BE4-AB5F-8C96640CC280", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:apollo_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "A9FF05F7-F7FC-4817-805B-A69B22BBEDFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_bl460c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D90D90B-821E-4A73-9B27-3AC0A6225A16", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_bl460c:gen10:*:*:*:*:*:*:*", matchCriteriaId: "BEBE6F01-0FC8-4792-A1F2-290BCC4F6FEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_dl580_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D79DF433-D488-4107-B193-46686559968E", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_dl580:gen10:*:*:*:*:*:*:*", matchCriteriaId: "A85D585D-3324-420F-BE09-1BB656510DFB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_dl560_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D736B2EC-E017-40A7-AEF0-F03F40CBD942", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_dl560:gen10:*:*:*:*:*:*:*", matchCriteriaId: "57437358-2BB2-40B2-B6C7-A184E0989040", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_dl380_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2D377C96-3076-4EA0-BCAA-CC7420A068FE", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_dl380:gen10:*:*:*:*:*:*:*", matchCriteriaId: "B7125071-68F6-4832-BED4-2005A6BB34CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_dl360_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3FC37A3E-57D5-473C-9467-3F63C2E7751E", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_dl360:gen10:*:*:*:*:*:*:*", matchCriteriaId: "1E243D38-0202-4198-90F4-3D55ADB46F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_dl180_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF4FBC54-0557-442F-8DF2-6A67638063BB", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_dl180:gen10:*:*:*:*:*:*:*", matchCriteriaId: "134B7262-F1BA-4D09-A44F-25C8CF5970BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_dl160_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A09C6807-228E-485B-A1E2-0D07106D0E75", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_dl160:gen10:*:*:*:*:*:*:*", matchCriteriaId: "D1F0C75D-049E-4C1D-8B2D-FE728DC17D3E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_dl120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BA6B1D6-816A-4603-B7A4-2EB2C8573D98", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_dl120:gen10:*:*:*:*:*:*:*", matchCriteriaId: "B66CA53C-E0DD-4AEE-ABDD-2E72795FE50B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_dl20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23C4F525-5AAB-4215-9A3D-0EF42ADCF470", versionEndExcluding: "2.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_dl20:gen10:*:*:*:*:*:*:*", matchCriteriaId: "CECC4A42-31FB-4353-B436-F9658BB1A525", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_ml350_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCAE30BC-B101-4350-B268-61CBF41000BD", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_ml350:gen10:*:*:*:*:*:*:*", matchCriteriaId: "45915CF8-D93A-4AF1-B4F8-83603B4F38F7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_ml110_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B46B4176-7B49-40E4-96D2-DDF13917E9E1", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_ml110:gen10:*:*:*:*:*:*:*", matchCriteriaId: "E8273537-FAC9-4E1E-9D04-EEB20A0160F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_ml30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A41EE882-6975-4A42-A861-E9A86D1AB1D9", versionEndExcluding: "2.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_ml30:gen10:*:*:*:*:*:*:*", matchCriteriaId: "84E46134-6B1D-4FD5-B86A-721B7035DC58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_xl450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5B63F2C-66A6-439A-A931-79B17894B1E0", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_xl450:gen10:*:*:*:*:*:*:*", matchCriteriaId: "B71F8154-1816-4289-B466-6CE56A4F336A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_xl270d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B3E5C1-8F87-4B70-8DB0-FBDC6C50D01E", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_xl270d:gen10:*:*:*:*:*:*:*", matchCriteriaId: "13F75491-BE42-4A2C-9BD2-A041EA7BA893", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_xl230k_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D46BAB31-57E8-4382-B208-DB8B7BF17E57", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_xl230k:gen10:*:*:*:*:*:*:*", matchCriteriaId: "CE4E1276-FE6B-4E1B-BFDC-E104AD766DEC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_xl190r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7867023B-EDFA-4E1E-8EFD-D351855F9C56", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_xl190r:gen10:*:*:*:*:*:*:*", matchCriteriaId: "FFF2E8DC-BE8B-4BA0-B25A-46B6D950AF8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_xl170r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01244BE2-B003-4474-A2A7-57DF9760A5EB", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_xl170r:gen10:*:*:*:*:*:*:*", matchCriteriaId: "701CA686-2167-45B8-8795-265B80547608", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:synergy_480_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "575B564D-D52C-4194-843D-3F14FEC199E4", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:synergy_480:gen10:*:*:*:*:*:*:*", matchCriteriaId: "1D953D08-A1BA-49D0-ADB9-2A032E5C96A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:synergy_660_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96685483-7716-4227-8ADC-D42150E33814", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:synergy_660:gen10:*:*:*:*:*:*:*", matchCriteriaId: "B6B0989B-8548-4902-90E6-294FA5AB768E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proliant_e910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA7706E3-68D3-4DD6-A3AE-748B1158995C", versionEndExcluding: "2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proliant_e910:-:*:*:*:*:*:*:*", matchCriteriaId: "236284B7-DC2E-40F8-A265-EE91469ADD9C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i7-10510y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "27E24442-6697-4D2D-9515-43E4370474B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*", matchCriteriaId: "FD97F84B-ED73-4FFD-8634-10631FEE03EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-10310y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "95BC9762-7F9A-483A-8C20-94481FD54000", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*", matchCriteriaId: "C8515D29-3823-4F9B-9578-8BB52336A2A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-10210y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4D188A7A-9456-4535-A230-C16033A22F21", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*", matchCriteriaId: "376B6DD7-1284-4BD9-88A4-5C34303CC5D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-10110y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F130A798-2FCC-43DB-9A42-367C4BB580E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*", matchCriteriaId: "62BFF15A-0C78-45BC-8E71-EDF624AC162D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i7-8500y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2495E71F-8DE8-482E-A903-FA00E9A3C697", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*", matchCriteriaId: "957F3AC9-D071-4932-B2C9-1643FB78BC7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-8310y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2CE8EAB7-E619-4140-9FF2-F01DD57DD286", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*", matchCriteriaId: "71294A32-F3DD-45EA-A0FC-C3EA0351FA29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-8210y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "813C2CF3-2370-4FC9-86F1-85FA6597EDA6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*", matchCriteriaId: "6E62309E-1071-4569-8C9A-11748D629CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-8200y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E9C3DCA2-6087-4286-A84A-6091149083C9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*", matchCriteriaId: "2AC12E92-33CB-4603-AC14-3351CE1D4E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_m3-8100y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E600C57D-AF4C-44F2-B1FB-E6B7D6CBE58F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*", matchCriteriaId: "E5AFFC8B-3AC1-49B4-9A73-18A3EC928591", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8253_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D927F922-CAA0-4704-BA73-064AFAC3A7F8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8253:-:*:*:*:*:*:*:*", matchCriteriaId: "0BF2BB51-3C3C-470E-8D2B-4DF68BABD783", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8256_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0F98BA9B-65E5-4D65-8606-692D3141C779", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8256:-:*:*:*:*:*:*:*", matchCriteriaId: "D29BE6E2-3F84-4D59-9081-5D496F3CAA88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8260_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7A6DD2CE-76B9-4197-B097-F62678B870FC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8260:-:*:*:*:*:*:*:*", matchCriteriaId: "11AEDC86-EF7D-4770-A77C-C8D1945A3452", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8260l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "48A16123-A5D2-49A6-8DBB-C739B58CD8C0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8260l:-:*:*:*:*:*:*:*", matchCriteriaId: "F986CC11-55A4-494C-BCB9-8DA8DAB8933C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8260m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9651F3F9-CC5C-464B-A6D7-2F2FC8D32036", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8260m:-:*:*:*:*:*:*:*", matchCriteriaId: "6F294F87-6173-4EA5-B58B-85F4F3FC9A82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8260y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BF361B23-A0FB-4188-9397-227C040E0716", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8260y:-:*:*:*:*:*:*:*", matchCriteriaId: "ADB582F2-85D7-4E14-B915-2C1D32775122", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8268_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F9AE46C6-610D-48BE-9D77-47BEE8254D62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8268:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1FC83B-1699-4761-BC26-EF40B70FC997", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8270_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3319E69E-8BE8-42DD-8CC6-01B90CD198F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8270:-:*:*:*:*:*:*:*", matchCriteriaId: "A197DA8A-C3EF-4A50-AFD4-8C9FACE7BAFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8276_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E913C215-27E1-4708-BBBA-A71BE1897509", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8276:-:*:*:*:*:*:*:*", matchCriteriaId: "6EE4C360-A12A-4FDC-9B50-DFCBEA48DCB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8276l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DD98AF43-A79D-48DF-8343-C74009FDAF95", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8276l:-:*:*:*:*:*:*:*", matchCriteriaId: "94C08C64-ECA6-45ED-A413-8F44A7D1FBC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8276m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "00BD95C4-E1FA-4A94-9E7E-E551AA2EA1A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8276m:-:*:*:*:*:*:*:*", matchCriteriaId: "6C8EFA24-FE2F-4B47-B73C-FAE6E50193F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8280_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E726303-685C-4807-8AA9-8A4D7F16D7DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8280:-:*:*:*:*:*:*:*", matchCriteriaId: "138173B1-68AB-47AD-A4EE-239304CDE372", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8280l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "91E282BA-E56C-4C0F-A764-166825C8A040", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8280l:-:*:*:*:*:*:*:*", matchCriteriaId: "D486B8BA-D431-4FF8-8541-25D7705C3AFA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_8280m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5A1BDB61-DBDC-4C67-A0B9-736130487789", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_8280m:-:*:*:*:*:*:*:*", matchCriteriaId: "B2A1158F-6165-41C4-91AE-5E9AC7210AFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_9220_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D644C7B6-D15E-4B5F-81DE-79290EB99611", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_9220:-:*:*:*:*:*:*:*", matchCriteriaId: "5E2F4BE5-9026-48CA-AB29-25BFE86E08E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_9221_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9E8176AD-62A8-4B4E-8426-7F1235E929D3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_9221:-:*:*:*:*:*:*:*", matchCriteriaId: "F4BF66FD-AD34-47C3-8703-666B4D7D9036", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_9222_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BA25A1DA-2914-405F-B493-837D87BFD657", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_9222:-:*:*:*:*:*:*:*", matchCriteriaId: "DCA9A267-33F3-47CC-A0DE-785417CB11A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_9242_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7850F33C-4D9C-4639-B927-A82207EF2157", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_9242:-:*:*:*:*:*:*:*", matchCriteriaId: "0D833D03-6242-404D-984F-EFC891A4D54B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_9282_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "700B7592-D460-49E8-BCA8-410F370337AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_9282:-:*:*:*:*:*:*:*", matchCriteriaId: "61326A4A-B670-49FF-9CC1-77405920E969", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5215_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCAE7305-6637-4927-B46C-29B487C11D33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5215:-:*:*:*:*:*:*:*", matchCriteriaId: "49517E33-D5F7-41BA-9FFD-909FC659A4E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5215l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FB705C1-0919-4AA2-9393-9BBCAC23C1A2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5215l:-:*:*:*:*:*:*:*", matchCriteriaId: "0BBE3F53-5DCC-40CF-83DE-3FA8A883CBF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5215m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E23DA7D4-3086-493E-97F6-3C84345A28A7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5215m:-:*:*:*:*:*:*:*", matchCriteriaId: "D0EA0CC2-E673-4875-8A87-60927049DB6F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5215r_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1A6972D2-390D-4707-A293-F86191D60F6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5215r:-:*:*:*:*:*:*:*", matchCriteriaId: "CE35136C-540F-4C31-ACE3-6BAAE27B9EA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5217_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6AF41286-0AB6-4354-AAA9-4C3120EF6DAF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5217:-:*:*:*:*:*:*:*", matchCriteriaId: "D483E398-B918-4F02-A409-B8BD584C18E1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5218_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "951795AD-3799-4090-80BC-D2DAF7B9197E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5218:-:*:*:*:*:*:*:*", matchCriteriaId: "F8ED911C-340F-4D10-9DF3-C156EFD8D8F7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5218b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E71DA16-070C-4CD1-81F8-30F211DAD76A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5218b:-:*:*:*:*:*:*:*", matchCriteriaId: "3043F2BC-FB45-48F2-A3BC-D57E1243F17E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5218n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "31B39E6E-9013-4545-9EB3-1766084E6144", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5218n:-:*:*:*:*:*:*:*", matchCriteriaId: "AA39123E-A4D4-4273-88BC-94BB8E2E80FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5218t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0C1DC0F9-72D9-4E9C-A969-493D7C6FD970", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5218t:-:*:*:*:*:*:*:*", matchCriteriaId: "24CABD15-90E7-4E34-9929-18C0FCA18770", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5220_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FA2ED7A-5D38-4F16-B3C2-3D7FED7C994E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5220:-:*:*:*:*:*:*:*", matchCriteriaId: "011670EB-2D98-4AC9-9D63-C5331F16AAB7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5220r_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4C4E67D7-F377-4E4B-9499-8ACC91A105F3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5220r:-:*:*:*:*:*:*:*", matchCriteriaId: "663E7CBA-AB87-4593-B5E1-EB0D35910CF3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5220s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2D8161A8-1DBD-4E6B-8DA8-79E124CD56B6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5220s:-:*:*:*:*:*:*:*", matchCriteriaId: "9290D21E-278C-426D-972C-D5A4923B30E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5220t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6744FAB2-671B-4006-B373-DBC27820252C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5220t:-:*:*:*:*:*:*:*", matchCriteriaId: "A1FE8564-85F9-4947-A688-5985D1AE6AC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_5222_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "609A2317-B20E-4025-97F8-BA74D6DA0A7C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_5222:-:*:*:*:*:*:*:*", matchCriteriaId: "5FDAEEA6-C3A9-4C1B-B9DA-63B67E67A6E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6222v_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "83284F5B-A039-4556-BA4C-27BF16811898", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6222v:-:*:*:*:*:*:*:*", matchCriteriaId: "660A7920-8AB2-4C8F-BF63-38FE9968F2DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6226_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BF6A2447-37E3-4D02-86DF-75BA200FF367", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6226:-:*:*:*:*:*:*:*", matchCriteriaId: "89628842-78DE-486E-9670-C46F9E0A695E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6230_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "68D0EA02-C8A4-4683-A4FE-8AF2E72FD346", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6230:-:*:*:*:*:*:*:*", matchCriteriaId: "0A64CB0E-0E96-4A3E-A091-8CA769393C7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6230n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8AC959F6-9671-44C7-B055-5F0E1263350D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6230n:-:*:*:*:*:*:*:*", matchCriteriaId: "984EA8D2-9D83-45A1-824D-BF9082896F4C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6230t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "52793911-3034-4084-940B-7C721EEF725F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6230t:-:*:*:*:*:*:*:*", matchCriteriaId: "57357F28-5263-4F70-A193-BC7FE4DF1CE8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6234_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "967259F1-4DC9-49FC-BBA3-FF37A74A988D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6234:-:*:*:*:*:*:*:*", matchCriteriaId: "668A4B4F-9C05-4284-AB45-A4A5B5D2FBAD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6238_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FC0D948-631F-494B-AB35-8A0966ABA4CF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6238:-:*:*:*:*:*:*:*", matchCriteriaId: "6FA293C8-DFD0-4AEF-AFC6-02A61C7CAD33", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6238l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E2884D7D-A9A0-4F74-A34C-00B754547474", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6238l:-:*:*:*:*:*:*:*", matchCriteriaId: "D5697841-097A-4C8A-B07F-B411EDB2D38F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6238m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A10F05D5-1AE7-400A-AC7A-F00AA1AFA6F8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6238m:-:*:*:*:*:*:*:*", matchCriteriaId: "745950EF-ED9F-4FF1-9714-2CE8AA4CDF07", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6238t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "58D2A705-571E-45B8-AF09-7647C29D2A9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6238t:-:*:*:*:*:*:*:*", matchCriteriaId: "BDEE8054-5683-4DF1-A58C-2638E6708CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6240_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1F10DB4A-744B-4C6C-A7A6-2CF182F13963", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6240:-:*:*:*:*:*:*:*", matchCriteriaId: "C82B8484-1FEE-444B-B422-2AADDCA8C4D3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6240l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17636B30-24E1-4C3B-85B0-D1FCF32B3DA5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6240l:-:*:*:*:*:*:*:*", matchCriteriaId: "12FB8906-F4E5-41E7-9CD4-CFC80BE41020", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6240m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D3B3D30A-37A7-4B51-9050-7E1EA3CB9ABA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6240m:-:*:*:*:*:*:*:*", matchCriteriaId: "67CE28D3-108E-4811-9480-FCC1B95FE132", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6240y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "000F0EDB-370A-483C-B428-288CAAF6261B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6240y:-:*:*:*:*:*:*:*", matchCriteriaId: "E1D1EA80-08AB-4C6C-A8E8-8C6B7C3B4CE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6242_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2FFFCE38-6325-4466-9871-F40390B4E54D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6242:-:*:*:*:*:*:*:*", matchCriteriaId: "3A80346B-12C4-468C-8E87-049269C732C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6244_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AEF0DD92-E739-4AE1-8E51-83E2A27E0DF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6244:-:*:*:*:*:*:*:*", matchCriteriaId: "75DBCDC5-1388-43A9-AF8E-BE6A05DEFC81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6246_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0B29865B-EC51-4164-8F5E-05289CA0D198", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6246:-:*:*:*:*:*:*:*", matchCriteriaId: "7ECB174B-B235-4D26-9FFA-233AFE428A82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6248_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "03907542-C9AE-4E0B-A3F2-58D300D62A22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6248:-:*:*:*:*:*:*:*", matchCriteriaId: "CBB5BBDE-E5E2-474A-94FC-3CBF14A61D2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6252_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51FD732F-F5D3-4DBE-AEF4-4C2B2784D68F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6252:-:*:*:*:*:*:*:*", matchCriteriaId: "9D9451F2-04B7-4C1F-83F8-2766A866E401", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6252n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4A8846E0-BA7A-4426-A5D9-E91B01C00236", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6252n:-:*:*:*:*:*:*:*", matchCriteriaId: "92783A72-5A43-470F-A402-0ACC21722E73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6254_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F6339774-DD97-4D95-A12D-7A9CA2659F92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6254:-:*:*:*:*:*:*:*", matchCriteriaId: "23EDBF24-8D46-4006-A690-D79428DCFB44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_6262v_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B182CE6B-50DA-41FC-89CB-D74A0BBD2B68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_6262v:-:*:*:*:*:*:*:*", matchCriteriaId: "7A459FF4-07AC-49C7-B7CA-AF97A997F3C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4208_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "41DE84DE-214E-4125-93C5-DB1E4291EA6B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4208:-:*:*:*:*:*:*:*", matchCriteriaId: "8EF69471-E209-4C2C-8ECD-D6231B9069A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4208r_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4DF7E7AA-39C9-4006-814E-FE3AAFCB25C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4208r:-:*:*:*:*:*:*:*", matchCriteriaId: "A155856F-F279-4095-AF87-268BB90AA9D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4209t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3B7DCE4E-3195-4228-9491-C3374F0A610E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4209t:-:*:*:*:*:*:*:*", matchCriteriaId: "3732AE58-8496-4314-86E2-B8039BF1B1C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4210_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D8CC38C7-FD58-445C-BF21-6DA485E10E75", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4210:-:*:*:*:*:*:*:*", matchCriteriaId: "A2F83818-64D0-4219-8DEB-716F0614B842", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4210r_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BE8AD5AC-7CED-4C57-83CB-CAF5FB891F5D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4210r:-:*:*:*:*:*:*:*", matchCriteriaId: "F8DBEAE8-0313-40DA-9C81-EDD14A16D2D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4214_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BDF2252C-624F-456A-A73F-3EEF6901F3AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4214:-:*:*:*:*:*:*:*", matchCriteriaId: "F6F6A060-985A-4357-AF1B-79E22D20F01E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4214c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B9298728-1039-44E0-8364-0BA535D8439A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4214c:-:*:*:*:*:*:*:*", matchCriteriaId: "8CCEAF57-5F6C-4EE7-A256-FC93C493CA46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4214r_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0392E515-7C04-4003-BC42-0674E55B97FC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4214r:-:*:*:*:*:*:*:*", matchCriteriaId: "22A52E84-1D29-400A-AD48-0C126D5F2362", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4214y_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "65E5E40A-84C0-4C47-9BCB-12038D8F18D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4214y:-:*:*:*:*:*:*:*", matchCriteriaId: "472453F1-923B-4BAC-A424-23660A850ADD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4215_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "07862A92-E3A0-4482-AF95-E8EA22F6B00E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4215:-:*:*:*:*:*:*:*", matchCriteriaId: "44179A12-7879-4BC7-86E8-7CC74DD0B6F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4216_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4416A15B-1B14-4C3F-BC84-CB90B93CF254", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4216:-:*:*:*:*:*:*:*", matchCriteriaId: "6E70BE52-A032-44BE-B492-8890AC5A634E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_4216r_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B14C3F2C-A5FD-4106-8D05-9AC52B70A30C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_4216r:-:*:*:*:*:*:*:*", matchCriteriaId: "12EF1D06-814A-4F46-AAA3-A04B1C54FE78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_3204_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BF093B50-2F3C-4B20-9F3D-66CD306B1F4F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_3204:-:*:*:*:*:*:*:*", matchCriteriaId: "B8A7CA0D-9DB0-4905-B65A-52F731B33904", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_3206r_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "990CA598-5320-49F8-8307-B482E8A87F82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_3206r:-:*:*:*:*:*:*:*", matchCriteriaId: "4F262205-C8F7-4BBC-9062-24B64AA9D386", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-3275m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2550330E-3A54-45BD-8B2F-8CD8D5561DA1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*", matchCriteriaId: "F693457C-3529-4E62-A672-1B862F235D0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-3275_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25CC3D78-CE53-4ADF-9D6B-73255508FCDA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*", matchCriteriaId: "AE519C62-F5BB-461C-91EF-2979CD506C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-3265m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6E23B39A-513F-4388-8F28-C711414E2BF6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*", matchCriteriaId: "020B6FED-EAE2-478C-8FF4-CB75F24E9A9D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-3265_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "97A8F5B9-B820-4E84-9863-FF734DE45B9E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*", matchCriteriaId: "2215D655-0EA9-4530-AB68-7B1C7360D692", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-3245m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "93849DA1-D6A5-4FA2-99F1-D8AD3B4DE8CE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*", matchCriteriaId: "35380FB9-90FF-405F-8E2E-01C1DD209540", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-3245_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A054F0CE-BD0C-4E56-9EBA-79A113FCA659", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*", matchCriteriaId: "DF9E723E-1095-424E-A90D-380CA0D2795E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-3235_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AF1FA2A8-5000-4E03-B659-1112C4EAA1A4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*", matchCriteriaId: "C39B6A99-7060-4011-8FA3-E5ABE5C02813", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-3225_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D53DDDB1-DA94-4BC2-A934-4FFE55F0D1E7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*", matchCriteriaId: "3ECEBDB0-2E0A-416B-9737-82C1FC65A06C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-3223_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8F619828-436D-4A0B-84F6-968893B96710", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*", matchCriteriaId: "ADA1FA19-A836-4D6A-8C2D-718ECE6866D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-2295_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87F3E569-3A87-4D31-B80A-E0FD74B25AFE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*", matchCriteriaId: "D1340A29-3428-4FAD-AA07-7F625915E34D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-2275_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "21189344-DC9C-4DAD-A33A-C0A9004BFD4F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*", matchCriteriaId: "750A77C5-1367-4E04-9ABF-1AB2D46C29C6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-2265_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8EF592A6-20F6-4220-8A9C-282F21EBCBF7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*", matchCriteriaId: "C6D23470-A702-426D-A63C-4F7BAC158762", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-2255_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3D0A0072-4ECD-4F88-8BA5-8BDB026F95B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*", matchCriteriaId: "2ADF328B-D286-4C36-9F21-11A58D55D03A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-2245_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "42A4C795-500D-4B83-8DC5-327E011BA7E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*", matchCriteriaId: "D132291B-AADD-49E3-ADD6-333E1F1D8DFE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-2235_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5E8852E4-C6AF-41D1-AF12-646B06C99600", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*", matchCriteriaId: "AC75E5CF-4241-45A8-AD45-1F7F077CEEA1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-2225_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32D47430-800D-43F5-AA6E-8852969BEFAB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD8EE0E-2BA3-49DD-91D1-81AB67F16475", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_w-2223_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2D44FD82-EEBB-4388-B346-EB29B852F2EA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*", matchCriteriaId: "708D6E00-A2E5-4B08-88E7-C872ACFC341D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i9-9980hk_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AD455EBB-69AE-464A-93AA-13227FBD17E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*", matchCriteriaId: "A48A2969-DC53-48E2-A5CA-4DF2B00D1960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i9-9880h_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F9A727A1-219F-4B78-B490-0E47340B38F3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*", matchCriteriaId: "659206BB-510A-47F8-8B6E-FD030A6BE1DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i7-9850h_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB8CB49-D52E-4C92-9CD5-465615916213", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*", matchCriteriaId: "4D0320CB-05E3-4D5B-BCEF-D862566B0AA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i7-9750hf_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "455BC769-5B19-4B91-844B-15B4FB2401E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7-9750hf:-:*:*:*:*:*:*:*", matchCriteriaId: "31CD303F-AAE9-4635-987D-742031232BDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-9400h_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D95AB3F9-7B28-46F8-8882-4976DBBCC767", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*", matchCriteriaId: "85F465BF-4548-45EB-AC40-384F4E6248EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-9300h_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "37E9BA09-E255-438E-9938-3F51A78A3331", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*", matchCriteriaId: "9A735A90-47E1-44C6-AE76-F6C7FFDCD4D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i9-9900k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BA036BD6-38AF-4763-9B84-8CD7019BF262", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*", matchCriteriaId: "7C3257F5-CA55-4F35-9D09-5B85253DE786", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i9-9900kf_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DD9D4C3C-BD9C-4AF1-92BF-127D9A6B7B44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*", matchCriteriaId: "B6F8CEA0-1CD6-4F17-85E3-C1CB04D9833A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i7-9700k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6CCE2EBC-82FE-49AB-857B-403C7ACE5091", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*", matchCriteriaId: "1FB0C1DA-60C6-4C9E-99D6-7A47696DACD8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i7-9700kf_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1163CF40-4D70-4965-8229-B102D754ECD2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*", matchCriteriaId: "F2EB81B1-7DEF-4CC3-ADC9-A4CB1042E406", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-9600k_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B26CE379-73B5-4E3C-B0B2-7550A3A670BC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*", matchCriteriaId: "B1DFFFEB-CC63-4F51-8828-C5D4E0287264", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-9600kf_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "79F5E016-5AB5-4DB5-BDB0-75AE14253413", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*", matchCriteriaId: "B176D141-26B0-477E-B2DB-2E48D6FB82AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-9400_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA0AF35-BED8-41EC-831A-57CFA7A5F0D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*", matchCriteriaId: "8AC9F52F-6669-459A-A0A9-8F472E1F2761", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-9400f_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4DDD41-51CD-40FF-BCB0-29D559C1CAD5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*", matchCriteriaId: "A7E91B92-4DB7-4866-8370-C6F8616D3D81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_e-2288g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3540784A-1B0B-41EE-AB66-A293AC400C39", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*", matchCriteriaId: "5EA930BC-EF68-4AD5-AA1B-0659358028D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_e-2286m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "39616E34-9182-485B-B6AE-566DE2E77AA5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*", matchCriteriaId: "556637E1-9502-41E7-B91D-082C92F233A1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_e-2278gel_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F68C14E0-5711-4D18-B529-AA0EE3BDC99C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*", matchCriteriaId: "60B582A1-784C-4BE8-A0D5-706DE01D769E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_e-2278ge_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0DFD79A0-2F24-484C-AD4A-D58B7414788E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*", matchCriteriaId: "00912C9C-D386-445E-B390-E96361ECDFA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:xeon_e-2278g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7C02909B-E06F-4786-ABB9-ACF5D9C5E4D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*", matchCriteriaId: "63650DBF-4DBD-4655-AE93-5CBE53F8E0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i7-10510u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0D449326-502E-488D-9933-863B9CF997FC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*", matchCriteriaId: "494A828B-F2BF-40CA-AAFB-7D2AF2BAF3AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-10210u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "16920A34-D1CE-4F1A-BCF7-045E3B3AA9AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*", matchCriteriaId: "71615EAF-4DF4-4B9E-BF34-6ED0371A53D7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:pentium_6405u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B3408FB7-9D72-4FC2-8E54-5248B6722755", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:pentium_6405u:-:*:*:*:*:*:*:*", matchCriteriaId: "65FEB59A-6AF4-4E64-8BE9-437178D1EA0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:celeron_5305u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C2F8F8B9-FBAC-43AE-AB18-86FF0A2C5DA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:celeron_5305u:-:*:*:*:*:*:*:*", matchCriteriaId: "39831D4E-743A-4C09-900F-24DDAB5D1B22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i7-8565u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "50E893B9-92D2-4EA9-BDC6-0E73CA4EE484", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*", matchCriteriaId: "F41025AC-6EFE-4562-B1D1-BAB004875B06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i7-8665u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7DF86B5D-4B93-4DFA-945E-723F49D90F1C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*", matchCriteriaId: "34DD3CCB-91D5-48D6-80BC-CA643385BCE4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-8365u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "78DB74AB-9D98-40B0-9715-EF934125C228", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*", matchCriteriaId: "C9054F35-AAB5-481E-B512-EDF4C3F2EA2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:core_i5-8265u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A7001A74-CFF9-4CBB-A72B-E476C22ADF07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E166F-3D9F-4D0D-924A-147883598EA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*", matchCriteriaId: "93A089E2-D66E-455C-969A-3140D991BAF4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "445D0C8B-E07B-4F58-9F88-D5B244DAF41B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "860EA789-CC44-409C-882D-4FC4CAB42912", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "B399239A-5211-4174-9A47-A71DBA786426", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "8BE16CC2-C6B4-4B73-98A1-F28475A92F49", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.2:*:*:*:*:*:*:*", matchCriteriaId: "E938A8EB-68FE-427B-B67E-C880FBF54BBE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "92BC9265-6959-4D37-BE5E-8C45E98992F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "831F0F47-3565-4763-B16F-C87B1FF2035E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "0E3F09B5-569F-4C58-9FCA-3C0953D107B5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "6C3741B8-851F-475D-B428-523F4F722350", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "E28F226A-CBC7-4A32-BE58-398FA5B42481", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "76C24D94-834A-4E9D-8F73-624AFA99AAA2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "AC10D919-57FD-4725-B8D2-39ECB476902F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "1272DF03-7674-4BD4-8E64-94004B195448", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.", }, { lang: "es", value: "Una condición de tipo TSX Asynchronous Abort en algunas CPU que utilizan ejecución especulativa puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un canal lateral con acceso local.", }, ], id: "CVE-2019-11135", lastModified: "2024-11-21T04:20:35.583", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-14T19:15:13.113", references: [ { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/12/10/3", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/12/10/4", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/12/11/1", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3936", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0026", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0028", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0279", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0366", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0555", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0666", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0730", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10306", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html", }, { source: "secure@intel.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/", }, { source: "secure@intel.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Dec/28", }, { source: "secure@intel.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Nov/26", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Jan/21", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-56", }, { source: "secure@intel.com", url: "https://support.f5.com/csp/article/K02912734?utm_source=f5support&%3Butm_medium=RSS", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4186-2/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4602", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/12/10/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/12/10/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/12/11/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3936", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0026", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0028", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0279", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0555", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0666", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0730", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10306", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Dec/28", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Nov/26", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Jan/21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-56", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K02912734?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4186-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4602", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-09 22:29
Modified
2024-11-21 03:55
Severity ?
Summary
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| redhat | virtualization | 4.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | virtualization_manager | 4.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", matchCriteriaId: "02BA5FF1-C9FB-4F3F-BA74-5BBC9B7FA9EC", versionEndIncluding: "3.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.", }, { lang: "es", value: "Qemu tiene un desbordamiento de búfer en rtl8139_do_receive en hw/net/rtl8139.c debido a que se emplea un tipo de datos de enteros incorrecto.", }, ], id: "CVE-2018-17958", lastModified: "2024-11-21T03:55:16.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-09T22:29:00.813", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105556", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2553", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/76", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3826-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4454", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105556", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2553", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/76", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3826-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4454", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-02-20 16:29
Modified
2024-11-21 04:49
Severity ?
Summary
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*", matchCriteriaId: "AF0E68F9-B5C2-4419-8530-866FD2DABFB7", versionEndExcluding: "3.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*", matchCriteriaId: "6BA71059-1A13-4A57-B6DD-98A79FA0630E", versionEndExcluding: "4.3.1", versionStartIncluding: "4.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EA130AF7-C25F-4C0B-ACAF-E7436C722431", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "ADEF9870-DBD7-4603-90B7-7BF14ED4B7C5", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "533D1068-0BF4-40ED-B28F-E98BF0F18454", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FC5CA1E2-341C-42A9-88AC-E6C83DED0B9D", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1845A169-7B6C-4B7D-B8FC-0245DC1B4EEF", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C5C8CEBF-CEE7-4D05-AB46-1F22C3C29889", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "37BF8F88-0F8D-45F9-95FF-052434599267", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "16EBA08B-8FBD-47BE-A5BE-F5145788E8CB", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "09F6EC13-4398-48CB-B999-14FABE281247", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "CF28DE16-F322-42DB-B0E6-67489DD258F6", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "5A5BC28E-1780-4BDF-AF73-3477CC983B6A", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "9228FA0A-8745-4731-A214-5A8AC0AA902A", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5F3CFB0D-DDA1-4CFF-BAB4-96EF72F4F777", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4115BD48-6E2A-4321-8EB7-ACCDF6CC6321", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1261AE74-41AF-4848-9AD9-46918C46845B", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8BC7ABB7-2FA9-42CA-9BEF-241A91F317FF", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2C21D1B2-2424-4A56-A179-431EDC41B929", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "93521D73-6412-4E80-B210-65CA6DAC8EA4", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "ADFDF244-00AA-4BD9-A255-24CAF55CD6F0", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E08E3F72-4CEF-4607-8B27-515E6471B9D1", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "E69B6320-088E-445D-8863-34CF67F172F3", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "DBA2F9FE-071E-411E-8E1F-3A8FA34D708F", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "34683A8C-E7B3-4DC4-9934-A55A44181B18", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9BE59364-3DB3-4528-AFC4-D3A39872514D", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "E7DEDB9D-58DB-45EB-91EA-8A6694E4F29A", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "CD847946-00F8-44BE-A9C1-2D3CAA1BD63C", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "09B13A2F-D302-416C-916E-4642CC46D9F6", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "EEA3324A-4661-4CCF-9E40-DD50162542A0", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "95EDA820-6FDE-44B9-89CE-B83847416CF4", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "1A077B3F-F587-47FA-912A-9816EADA9CFA", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "5F14E9A0-3E7E-440E-B323-BED2D3E3F221", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "F14F10D9-4F2D-4C6D-8B0C-9775ED35DFEF", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DFF4B95E-40C6-4C8F-81BD-172A907CA5FD", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "93F6D55C-8873-470A-9E93-42F6A2DDE07F", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F72B979A-B35A-464D-BCA1-2A5BD0A29886", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "14CEF743-6C3B-4D90-99BF-6A27B37ADAEA", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "BFA7EEBD-F6F6-4243-B57D-BE210D8E16CF", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "787DA0E4-D4A0-4622-8AC0-9386EE3F62B0", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "EC366757-92D1-49ED-A641-47139AEEF613", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "542EB351-79B1-4A9D-A5A1-2F3E0E88963C", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "591EA641-C103-4575-97D5-15D41B20E581", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C1BEC52-BC21-4996-A34F-4D9DF4D2F087", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8CA439FF-659C-4F34-9CBD-76D95A96E063", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "895E610D-52F6-45CA-B205-D110A1DC6BEC", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9866C62F-DA11-43B1-B475-A07B1B58933D", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "12351892-247E-477C-8C50-E0DA37F6A716", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "90D4E2C9-4353-49E7-B5C7-E9E7140F49AC", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4B114C6C-E950-4B75-B341-022799ABBACF", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "BC99D7B3-65E5-4C9E-9D34-FF9161295F86", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "A6C6F80B-85DC-461E-9BF9-6EF41C467243", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "E0C65C13-C852-4A12-BFC0-A4DB201FFCAF", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "57FD7F09-9829-42B0-913E-A43129AD758B", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.", }, { lang: "es", value: "En Bootstrap, en versiones anteriores a la 3.4.1 y versiones 4.3.x anteriores a la 4.3.1, es posible Cross-Site Scripting (XSS) en los atributos de data-template tooltip o popover.", }, ], id: "CVE-2019-8331", lastModified: "2024-11-21T04:49:42.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-20T16:29:00.837", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107375", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/pull/28236", }, { source: "cve@mitre.org", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K24383845", }, { source: "cve@mitre.org", url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&%3Butm_medium=RSS", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107375", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/pull/28236", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K24383845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-07-26 00:15
Modified
2024-11-21 04:19
Severity ?
Summary
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lodash:lodash:*:*:*:*:*:node.js:*:*", matchCriteriaId: "5C21E48F-F34A-4124-9EF1-C106EB3B2209", versionEndExcluding: "4.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", matchCriteriaId: "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "7081652A-D28B-494E-94EF-CA88117F23EE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*", matchCriteriaId: "EABAFD73-150F-4DFE-B721-29EB4475D979", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_extensibility_workbench:14.4.0:*:*:*:*:*:*:*", matchCriteriaId: "DE57039D-E2EE-4014-A7B1-D7380D26098E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EE0532FA-7B7B-46B3-AB10-0920034A7E43", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "592327AA-BCC4-4CD0-82C6-EA739F049E82", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2980BE62-6B8C-4E2A-B4EF-38A23E1CCD21", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E9170095-A9BB-4D24-9925-39256D7CE2C6", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "56414352-0A79-4ED2-B670-D7CC9508FA9D", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3B3DCE49-C37D-4951-AB57-7CDDEBA1C1E5", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3DD78D19-D17E-45EC-98C7-74D086AE68AA", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "322E6570-185C-4413-A7CE-674CBAE95D05", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5B59E16D-7645-492A-9C1D-A8724FFCA28F", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0BA6818C-DCCE-4347-935A-CE6BA0014CDE", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "5D5AA99B-08E7-4959-A3B4-41AA527B4B22", versionEndIncluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "4AC8FD5C-AE1A-4484-BB6F-EBB6A48D21F8", versionEndIncluding: "13.1.3", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "EC15881B-9C49-4E77-9FB6-A6E60D0BCAD3", versionEndIncluding: "14.1.2", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "D29F60E2-E39D-46E8-935E-8E0A0D32E262", versionEndExcluding: "15.0.1.3", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "F302F7BC-A08A-4DB3-A257-699C7DBDCAB0", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5D3F7911-FB00-4612-9109-9E7A407BC7B7", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B547F46F-5563-4E7F-8B69-3D25C6C58521", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "78753BD2-6631-459D-AD89-0FE2C0F3FDD5", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "997D12F1-098D-4C42-A6A2-B4F59AC78F0F", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "45920B7E-10A6-4066-87AB-60D584689891", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "91BF72A9-EB50-4315-B956-5926967DCC46", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4AEE0B76-3F8E-420A-9589-BF3FDB942DEB", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DA9E370F-2A37-4612-91DD-2B1FD7EECCE7", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E6C4B56F-D022-4268-9D78-6E4D12AE9215", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "53CA3EC2-CE36-4388-A7A9-4311AD80A8B2", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "5043F299-FEE6-4878-8616-D2976FAC2BDF", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "E59859F8-3BF6-4BE3-8E4B-DF3B68303B22", versionEndIncluding: "13.1.3", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "024C7911-8C97-4A94-8F0B-18BE2109A499", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "9E14CCF2-E795-4763-A560-2C54C55619BE", versionEndExcluding: "15.1.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "73EC8EDA-669A-4750-934F-3B3FBF557080", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "C7917031-0735-483C-A8DA-11430056D568", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5E10BF5A-2BD0-4791-B842-358968AFC9E6", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "EAFC0D83-7F64-44F2-A014-37DE3CAF846A", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "6419B4B3-DE7A-4B72-BFFC-6C646AC07BB7", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "5C3C6E77-BB41-48AA-AFEA-8C6F18BE7025", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "156F3B54-1827-4048-AACD-835092853943", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "206B46BD-846A-493C-BC83-531E6CD45F5A", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "DC1CC599-DA9C-46BD-9C5C-FD25D57AE9D6", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C00CAEFA-C255-4C0B-8DE1-12686EC7D09B", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "A0581EEF-98E6-4961-8178-BA2D7647F931", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "FFC5C221-AE58-4580-876A-E5FD7970A695", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "27A9FAF9-7198-41FD-B093-AE11DD5AD67B", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "920BC3DD-A1D4-403B-83D2-00636C20FFC0", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "2BDD592C-6DBC-4A35-8483-ACC471FF92E3", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "32773569-67FE-4F08-A613-E507FCDEACEF", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "463AA399-492A-4DB6-BFD1-31725012AE8F", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "94F1100B-0EE4-41A7-AD34-336D4335751D", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "49C8BE4A-DED6-451A-B6EE-AC95DD26F85A", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B3087972-862F-4A0D-9D9D-38BAB9D383F4", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "4494F771-4026-478C-8004-B162653DC80C", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "98314370-E3C8-4CB5-9F48-57004EB96D8F", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "929E75AD-5DC4-4992-A589-BA4516BC38FA", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "DEC0E30F-6550-4BC9-8DA7-6BD495DBF415", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "45641A58-0B5B-48C6-B0A3-0822A86A00AC", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A97489DC-A5DE-48AD-BBA2-F9078070F53A", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FBF128B7-874B-4E3A-B52F-1C2DE34F64A9", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "50AB72FA-552D-4B37-9C58-B4AB3B7B989A", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D5D90F4A-FA2A-412F-8591-D1CA6399ECAD", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8B5F9367-89D5-4D7D-A0FE-6C289E0A606C", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1EDB944B-DF60-45AF-AD60-33E9667E0D12", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "20C58940-C7A3-47A9-8C9E-7B652E4F4750", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DA5A4B1B-F4F0-4053-8756-2C84AA885060", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BAD2867D-D646-4B01-A383-6A47B51D059E", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D7C50229-3A95-4AA8-A720-4D35FF482DC3", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "02CB8916-A9ED-4935-BFBD-5C9E8D45379E", versionEndExcluding: "12.1.5.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "5853A161-2F92-4298-A70A-03A66DED157C", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "A86EF843-B0CB-4FB0-9E0A-51F7DD3BD44B", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "126DC4FA-E5EB-43E1-83F9-19F29E852E03", versionEndExcluding: "15.0.1.4", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "0064DE79-D6D6-4AE0-BF10-BF91FF9158DF", versionEndExcluding: "15.1.0.2", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*", matchCriteriaId: "F37D18F2-8C6A-4557-85DC-2A751595423C", versionEndIncluding: "6.1.0", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_centralized_management:5.4.0:*:*:*:*:*:*:*", matchCriteriaId: "A5C1DACF-0562-4A41-A9EC-60D1DC065007", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2B589C35-55F2-4D40-B5A6-8267EE20D627", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "D3CE7526-9630-48EF-81FB-44904AF0653F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", }, { lang: "es", value: "Las versiones de lodash inferiores a 4.17.12, son vulnerables a la Contaminación de Prototipo. La función defaultsDeep podría ser engañada para agregar o modificar las propiedades de Object.prototype usando una carga útil de constructor.", }, ], id: "CVE-2019-10744", lastModified: "2024-11-21T04:19:50.123", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-26T00:15:11.217", references: [ { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191004-0005/", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-450202", }, { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K47105354?utm_source=f5support&%3Butm_medium=RSS", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191004-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-450202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K47105354?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, ], sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1321", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-05-22 12:29
Modified
2024-11-21 04:05
Severity ?
Summary
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*", matchCriteriaId: "CD028C10-FD07-4206-A732-CCAC1B6D043D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*", matchCriteriaId: "A93010C0-33B3-438F-94F6-8DA7A9D7B451", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*", matchCriteriaId: "2A988A78-6B3D-4599-A85C-42B4A294D86D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*", matchCriteriaId: "1D7C5EF4-3A92-4AF7-9B11-62B4FFDC5128", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*", matchCriteriaId: "246AA1B0-B6C8-406B-817D-26113DC63858", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*", matchCriteriaId: "00EE5B42-FF05-447C-BACC-0E650E773E49", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*", matchCriteriaId: "B0779CC9-BD39-4E0B-B523-A6C69F9EBB0C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*", matchCriteriaId: "A1F0E3C4-7E9B-435F-907E-4BF4F12AF314", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*", matchCriteriaId: "5D616C72-0863-478C-9E87-3963C83B87E8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*", matchCriteriaId: "CC333B0D-3A0E-4629-8016-68C060343874", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*", matchCriteriaId: "6655535C-FF64-4F9E-8168-253AABCC4F5D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*", matchCriteriaId: "B1EDEA1E-9A19-4B3F-806E-D770D1AB4C73", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*", matchCriteriaId: "BBD68F3F-7E38-40B9-A20B-B9BB45E8D042", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*", matchCriteriaId: "1EACEF19-83BC-4579-9274-BE367F914432", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*", matchCriteriaId: "1CC73291-AA6F-40B0-860A-1F2E6AB1E2AC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*", matchCriteriaId: "24128A7F-2B0B-4923-BA9E-9F5093D29423", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3805:*:*:*:*:*:*:*", matchCriteriaId: "0990DD71-9E83-499D-9DAF-A466CF896CFA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3815:*:*:*:*:*:*:*", matchCriteriaId: "9B7FEDEF-9772-4FB1-9261-020487A795AA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3825:*:*:*:*:*:*:*", matchCriteriaId: "FE7B0F72-DEDF-40C4-887C-83725C52C92E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3826:*:*:*:*:*:*:*", matchCriteriaId: "9568C222-9816-4520-B01C-C1DC2A79002D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3827:*:*:*:*:*:*:*", matchCriteriaId: "4B2F8FAD-1688-4369-BB4B-9FA9F30A80A9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3845:*:*:*:*:*:*:*", matchCriteriaId: "53A1F23D-7226-4479-B51F-36376CC80B04", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*", matchCriteriaId: "454AC633-5F1C-47BB-8FA7-91A5C29A1DD5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*", matchCriteriaId: "A2394E8C-58D9-480B-87A7-A41CD7697FC6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*", matchCriteriaId: "1B9AC02B-D3AE-4FAF-836E-55515186A462", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2420:*:*:*:*:*:*:*", matchCriteriaId: "65AAC7A7-77CA-4C6C-BD96-92A253512F09", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2460:*:*:*:*:*:*:*", matchCriteriaId: "FCD16C07-0050-495A-8722-7AC46F5920F9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2480:*:*:*:*:*:*:*", matchCriteriaId: "01423706-C82C-4457-9638-1A2380DE3826", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2520:*:*:*:*:*:*:*", matchCriteriaId: "A881E2D3-A668-465F-862B-F8C145BD5E8D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2560:*:*:*:*:*:*:*", matchCriteriaId: "3E5B9B98-0EF0-4ACD-B378-F9DE5AB36CBB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2580:*:*:*:*:*:*:*", matchCriteriaId: "4BDC6806-E4FC-4A6E-A6BB-88C18E47ABFA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2760:*:*:*:*:*:*:*", matchCriteriaId: "6602DD69-E59A-417D-B19F-CA16B01E652C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3460:*:*:*:*:*:*:*", matchCriteriaId: "05C493EE-EF9F-47E2-8F88-86DF6C5F1FF9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3480:*:*:*:*:*:*:*", matchCriteriaId: "40010DAE-DD1A-4A81-B6E9-EDC1B0DDCAB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3530:*:*:*:*:*:*:*", matchCriteriaId: "ED96AC16-12CC-43F6-ACC8-009A06CDD8F5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3560:*:*:*:*:*:*:*", matchCriteriaId: "2CE9DC29-C192-4553-AF29-D39290976F47", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3570:*:*:*:*:*:*:*", matchCriteriaId: "F625E647-B47E-404C-9C5B-72F3EB1C46F5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3580:*:*:*:*:*:*:*", matchCriteriaId: "E3AF3279-89E7-4C91-8C5F-5AD5937CD0C4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3590:*:*:*:*:*:*:*", matchCriteriaId: "B5878612-9825-4737-85A5-8227BA97CBA5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3735d:*:*:*:*:*:*:*", matchCriteriaId: "F453D348-28CE-402B-9D40-A29436A24ECC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3735e:*:*:*:*:*:*:*", matchCriteriaId: "36322F4B-83D7-468A-BB34-1C03729E9BF3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3735f:*:*:*:*:*:*:*", matchCriteriaId: "0AD22811-C3C6-4B5E-98D5-D3F2240E6C8C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3735g:*:*:*:*:*:*:*", matchCriteriaId: "A3C7D0BA-8F07-42AD-8BB9-C65472BE41C1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3736f:*:*:*:*:*:*:*", matchCriteriaId: "B0A2A50E-94FA-44E9-A45D-3016750CFBDA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3736g:*:*:*:*:*:*:*", matchCriteriaId: "5625CAD8-4A62-4747-B6D9-90E56F09B731", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3740:*:*:*:*:*:*:*", matchCriteriaId: "43A234CE-D6AA-4A32-8425-1A4DDA0F6B6D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3740d:*:*:*:*:*:*:*", matchCriteriaId: "78DE1A01-3AEF-41E6-97EE-CB93429C4A1D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3745:*:*:*:*:*:*:*", matchCriteriaId: "410184AF-B932-4AC9-984F-73FD58BB4CF7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3745d:*:*:*:*:*:*:*", matchCriteriaId: "B265F073-9E0A-4CA0-8296-AB52DEB1C323", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3770:*:*:*:*:*:*:*", matchCriteriaId: "3F664223-1CBC-4D8A-921B-F03AACA6672B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3770d:*:*:*:*:*:*:*", matchCriteriaId: "987A8470-08BA-45DE-8EC0-CD2B4451EECD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3775:*:*:*:*:*:*:*", matchCriteriaId: "8BBC9542-FB77-4769-BF67-D42829703920", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3775d:*:*:*:*:*:*:*", matchCriteriaId: "74FDC18B-4662-422E-A86A-48FE821C056F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3785:*:*:*:*:*:*:*", matchCriteriaId: "CAB4AA2C-D1D9-44D8-9471-66EBDE9DC66D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3795:*:*:*:*:*:*:*", matchCriteriaId: "CBA3E7AE-CB74-48A8-A2B8-9FCADB6E40D2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*", matchCriteriaId: "723E7155-493D-4B5A-99E2-AB261838190E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*", matchCriteriaId: "82E37264-E4BA-4D9D-92E7-56DE6B5F918F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*", matchCriteriaId: "8704BE6D-2857-4328-9298-E0273376F2CD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*", matchCriteriaId: "C1289B9E-5725-42EF-8848-F545421A29E1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:32nm:*:*:*:*:*:*:*", matchCriteriaId: "50287A9B-366F-41F2-BEBD-D4C64EF93035", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:45nm:*:*:*:*:*:*:*", matchCriteriaId: "CCB79F2F-5522-45D3-A1D1-DC2F5A016D99", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:32nm:*:*:*:*:*:*:*", matchCriteriaId: "9749C2B0-B919-4172-A2AD-04C99A479F5A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:45nm:*:*:*:*:*:*:*", matchCriteriaId: "0F1F45A1-A17D-4895-8A71-00010C7E55D9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:32nm:*:*:*:*:*:*:*", matchCriteriaId: "D46BF41F-C44C-4D87-862E-0D156A2298DD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:45nm:*:*:*:*:*:*:*", matchCriteriaId: "5927D78A-EE05-4246-A141-4A8815AB228B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m:32nm:*:*:*:*:*:*:*", matchCriteriaId: "579FC479-DEA0-415D-8E8F-18A81A85A471", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m:45nm:*:*:*:*:*:*:*", matchCriteriaId: "CEECAA34-57F4-4B01-857C-C8454E1EDCAB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium:n4000:*:*:*:*:*:*:*", matchCriteriaId: "967252A4-EC1F-4B31-97B8-8D25A3D82070", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium:n4100:*:*:*:*:*:*:*", matchCriteriaId: "3205757B-07DB-4115-B3E0-4DF9D0EA2061", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium:n4200:*:*:*:*:*:*:*", matchCriteriaId: "2AF8ABFA-BBFD-42F5-9769-00F8CD67F7FC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_j:j4205:*:*:*:*:*:*:*", matchCriteriaId: "88AF1366-8A14-4741-8146-886C31D8D347", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_silver:j5005:*:*:*:*:*:*:*", matchCriteriaId: "7AEAA43A-4D97-4E13-82E1-895F3B368B25", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_silver:n5000:*:*:*:*:*:*:*", matchCriteriaId: "BB6BAE0B-103D-430E-BAE9-429881620DE8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*", matchCriteriaId: "2832E8BF-7AC7-444C-B297-66F770860571", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:125c_:*:*:*:*:*:*:*", matchCriteriaId: "E9D0A534-1749-4ED3-8F18-BF826D84EB56", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1220_:*:*:*:*:*:*:*", matchCriteriaId: "B581515E-29CC-462F-BB10-4EA6DE2D6637", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1275_:*:*:*:*:*:*:*", matchCriteriaId: "036D395E-AFE8-4D61-91CC-E9B3CD8B6380", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*", matchCriteriaId: "44AA72FB-E78D-419E-AA82-B0538C6504D3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*", matchCriteriaId: "687C3BF3-D71A-49AD-8A05-EAC07CBCD949", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*", matchCriteriaId: "90AF90D9-16C4-4F8A-9868-3E2823E3445C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*", matchCriteriaId: "3C063C53-8970-45B1-85F8-FB2080BF4695", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*", matchCriteriaId: "64596ED7-794A-4D23-987B-D9AD59D48EA5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*", matchCriteriaId: "C2E52BA6-2F2F-4CD2-A601-5B0ADDE5E23F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*", matchCriteriaId: "3FDA48F0-0F35-4A8F-8117-B0B28E00AB95", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*", matchCriteriaId: "A561A8E8-79E2-4071-B57D-590C22EF86A8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*", matchCriteriaId: "92E46658-60AB-4758-9236-3AC0E6464383", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*", matchCriteriaId: "207B8FBA-E2FF-485A-9AD9-E604AE0FB903", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*", matchCriteriaId: "33F99640-C753-40BE-A0A1-4C2D92E7DB09", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:3600:*:*:*:*:*:*:*", matchCriteriaId: "36609915-9E0D-4204-B544-4832E1195BA6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:5600:*:*:*:*:*:*:*", matchCriteriaId: "3612AC78-4904-4830-85DF-38A38F617379", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:7500:*:*:*:*:*:*:*", matchCriteriaId: "B79CC0FA-3DA1-4812-8E73-B0FF0752E31E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e5502:*:*:*:*:*:*:*", matchCriteriaId: "D12F3759-48D2-4208-AD5B-3AC8B012D061", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e5503:*:*:*:*:*:*:*", matchCriteriaId: "E7C61D9B-2733-4A67-9D6A-2290123C0405", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e5504:*:*:*:*:*:*:*", matchCriteriaId: "44C3C383-6927-44AD-9488-8B916D5959ED", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e5506:*:*:*:*:*:*:*", matchCriteriaId: "7FC1E41C-7A17-42B7-936D-09A236D9C4D9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e5507:*:*:*:*:*:*:*", matchCriteriaId: "E814CB3E-4542-4E3E-91E8-D97EA17C0B1F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e5520:*:*:*:*:*:*:*", matchCriteriaId: "8FD43D7C-932B-463F-8EB2-3A115FBED4BE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e5530:*:*:*:*:*:*:*", matchCriteriaId: "9CCD70F8-D81D-467B-8042-5D3B9AC513E8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e5540:*:*:*:*:*:*:*", matchCriteriaId: "D05C68D0-4771-4338-9761-6428195F0318", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e6510:*:*:*:*:*:*:*", matchCriteriaId: "C4FC2878-389F-4687-8377-E192A1C519BB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e6540:*:*:*:*:*:*:*", matchCriteriaId: "4B24CEBE-51B1-4EC5-8770-BFDB0625193A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:e6550:*:*:*:*:*:*:*", matchCriteriaId: "61BD85A8-39D9-4248-96FE-CAEF4BC7CD44", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:l3403:*:*:*:*:*:*:*", matchCriteriaId: "8320D28B-B10D-47AE-9B65-51304F93F9AD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:l3406:*:*:*:*:*:*:*", matchCriteriaId: "35AD843A-EBB1-42BE-A305-595C23881404", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:l3426:*:*:*:*:*:*:*", matchCriteriaId: "0D457B8B-50A6-411C-8528-96915B697C1A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:l5506:*:*:*:*:*:*:*", matchCriteriaId: "3934C421-BD11-4174-83F4-3E20176F03F9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:l5508_:*:*:*:*:*:*:*", matchCriteriaId: "45EE1BA7-5356-4421-9CF2-48DA09EBAE3E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:l5518_:*:*:*:*:*:*:*", matchCriteriaId: "92FE452A-EE8B-4ACE-96B1-B6BD81FAC9B3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:l5520:*:*:*:*:*:*:*", matchCriteriaId: "47195FE7-3692-42C4-B29E-679A6FE0E220", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:l5530:*:*:*:*:*:*:*", matchCriteriaId: "C033BBFA-67F4-4F24-A042-FF996B327976", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:w5580:*:*:*:*:*:*:*", matchCriteriaId: "BBF7A770-3E90-4466-8595-8E523D82BC62", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:w5590:*:*:*:*:*:*:*", matchCriteriaId: "FA7922C0-AB84-4331-BE8F-71A0D95D4F43", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:x3430:*:*:*:*:*:*:*", matchCriteriaId: "648CB034-89BF-48FF-A3BF-C84C08FE09E3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:x3440:*:*:*:*:*:*:*", matchCriteriaId: "2A7DC164-65FF-483A-AD69-3E23E449E52C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:x3450:*:*:*:*:*:*:*", matchCriteriaId: "8D3DCB95-5139-44C6-8151-8CEFD37F9DAB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:x3460:*:*:*:*:*:*:*", matchCriteriaId: "ED5FEA46-49A2-4082-98D2-56E698A56909", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:x3470:*:*:*:*:*:*:*", matchCriteriaId: "0B85D7F3-1FA5-4FE1-AAFF-CEE8DF822CC4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:x3480:*:*:*:*:*:*:*", matchCriteriaId: "80607FEB-8908-40F6-B702-FD56D849E2D0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:x5550:*:*:*:*:*:*:*", matchCriteriaId: "97F20575-82C0-466D-8FDD-AAC034247D0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:x5560:*:*:*:*:*:*:*", matchCriteriaId: "648E21A8-6B5F-4C97-A71A-44B97DBB4FE0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:x5570:*:*:*:*:*:*:*", matchCriteriaId: "172EA906-A08F-4D2A-9814-937C07F77C8D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1105c_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1EC6D3-01CD-4CAB-817D-AE2E72FD0D03", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1125c_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "FDBA35BD-1048-4B6E-96B2-1CFF615EB49A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "979FEE9F-A957-43B6-BB6D-1A851D6FA11C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "1A7AF59D-D05E-47F9-B493-B5CD6781FDDD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "7EF7EC93-0170-45A9-86C7-5460320B2AE9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "A8A7B1C2-D2CE-485A-9376-27E14F3FA05A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_12201:-:*:*:*:*:*:*:*", matchCriteriaId: "B5F803AC-DCC7-43FC-BEB3-AA7984E0506C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_12201_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "560993AA-299D-42B7-B77F-1BD0D2114CCB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "1C582B1C-1DAC-48FD-82DD-7334C10A2175", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225:-:*:*:*:*:*:*:*", matchCriteriaId: "D7862B0C-2C44-4110-A62A-083116129612", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "048C5996-F719-4338-B148-0DD1C13E02FF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "0196DA2F-CFA7-44D0-BDF5-37C7403E3B9F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "4B9FF7FB-AB5A-4549-8C15-E69458C649E2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "1CEF6608-B650-4C77-9823-0AD57B3484F1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1226_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "4BE6A2D7-901C-45F9-B487-D674047D522E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230:-:*:*:*:*:*:*:*", matchCriteriaId: "DCFCAC5E-6CF1-4EC1-A24C-688DD1016A96", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "1ADCB509-5B0E-4592-8B23-EC25A3F79D41", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "FB51691F-089F-4016-B25E-238074B06C0D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "EBAAC728-6A0F-4675-9677-AAF7DD5D38ED", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "DB3BFEFD-3D0D-48B0-A5AE-6F3C2D791CE1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7E1AFD-9BCE-4487-A8DE-F9C60529CA7A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1231_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "7EA37503-FD3D-4220-933C-234631D6EDEF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1235:-:*:*:*:*:*:*:*", matchCriteriaId: "72992831-2A76-456B-A80C-944BDD8591E4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "A79C2131-5566-4CC2-B6ED-38E3F6964500", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240:-:*:*:*:*:*:*:*", matchCriteriaId: "60BFDAA6-3DFC-4908-BC33-B05BAB462F94", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "B6266056-770A-4E2D-A4FC-F1475257648E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "929AA8F3-8BDF-4614-9806-6D4231735616", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "605D7552-8184-4B11-96FD-FE501A6C97DD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "3144BBDE-CC96-4408-AA02-ECC3BF902A34", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "1B8BA77A-34E3-4B9E-822A-7B7A90D35790", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "E7165B43-ED22-4714-8FA4-1E201D1BFA69", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1241_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "67CFB133-FAF0-431A-9765-8A9738D6D87C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245:-:*:*:*:*:*:*:*", matchCriteriaId: "2975B0F2-DB7C-4257-985A-482ED2725883", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "70221E07-3C2E-4A82-8259-AD583EB5CDDD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "427DFD78-56CD-43C4-948E-F53AF9D669F3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3E3E6F5F-6B82-43D9-BD6E-D22F9B991DB4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "75AD7649-3FEA-4971-9886-6C9312B937A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1246_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "B4EE972C-6BAE-4342-BA01-1D685487F9C3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1258l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "27CDFE3B-C064-49A9-BD43-3F7612257A74", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1260l:-:*:*:*:*:*:*:*", matchCriteriaId: "3BD0EEC1-D695-41A5-8CD6-9E987A547CC4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "C35AA9AC-28B3-49C2-A9B5-5D26DFEDB723", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1265l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "4DBF25B8-D474-4C6B-8E45-F57DDC7074E7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1265l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "3DF18FD1-6670-4C3C-8000-A079C69D575E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1265l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "D760EEAF-5CF5-4F25-8FA2-D4F75F4F5A91", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1268l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "921EB5A5-F911-4FCE-A6F1-C66818B34678", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "13878C13-1C7C-4B83-AF27-4998E8F659DC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270:-:*:*:*:*:*:*:*", matchCriteriaId: "023063E1-2DD7-487C-A8A7-939FAEE666A9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "77255CE6-D7B7-4B48-993C-7100A1170BC6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "B40AC368-3A14-4EFF-A8D0-7EFB4C83045D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3472AA7B-C0CF-4D65-8A6C-B1D52D27F0CB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "C07E80D5-70A5-49C9-9044-D683C7ECCFF5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1271_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "63668AF4-F29C-4424-8EC5-2F0A5950DD58", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "09C1C7CD-538D-4D7A-A81C-10DF5376A479", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "5922F749-2B23-44B8-8A46-F31BCAEAD279", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "2C48BBAF-6B27-43D6-B86B-40CD8E7BA056", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "D75D0EEB-707C-4C86-A569-E91E9F00BA77", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "F0FB0E20-0243-40A1-8DEF-37150791222E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1276_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "68CFF26D-8AD3-4179-9E4C-F06D7C858C9A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1278l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "7541572C-229F-4963-B7F0-06EB3323E53B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280:-:*:*:*:*:*:*:*", matchCriteriaId: "85DE669C-27FD-4196-8B8C-1DA4EE4C1D6C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "479F7C77-D16F-4E40-9026-3EB8422E0401", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "7A242AC2-9AA6-43FD-90F4-5BF6E80DBB5E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "04DB08C8-0018-4A8E-A206-097BDDF83B08", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "B7193E85-30BE-42D5-A26B-3F88817F3574", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1281_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "446E8515-45FC-4B8B-8D12-60643D64C07F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "EBBDF6B2-D388-4639-87D8-064AA3F6B6FC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB8B6-B614-4EAA-BA90-C5326CB5D07A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "2A371DF9-E224-404F-99C2-C2A4607E62D8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "0F40E356-365D-44B7-8C38-A0C89DDD6D3E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "A3132029-89F8-4359-A0DC-A275785266A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1286_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "B02F5685-0636-48AB-B222-434CA1F3B336", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1286l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "E51FDD60-88E5-4A86-BB8E-4C2D7EDEFA03", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1290:-:*:*:*:*:*:*:*", matchCriteriaId: "3ED4693C-DECF-4434-90C0-56158F102E7E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1290_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "BB408A6B-0842-43DA-9180-B0A299FCBCE6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "6215EBAC-7C75-4647-9970-482120897F1F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "3357FCAC-B6C4-4E3E-A40B-AB5084A7F9B2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3B1BD2B6-1AF6-4AD4-94FA-94B453A21908", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "8D1FD6E8-80EC-461F-9ED1-CE5912399E80", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "E96F585E-BDEF-45EE-B0AB-94FE23753AC5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2650l_v4:*:*:*:*:*:*:*", matchCriteriaId: "3279C067-3058-4D46-A739-05404FD0E9B5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658:*:*:*:*:*:*:*", matchCriteriaId: "DB4DF0A7-8BC2-48AE-9036-FED6EEC57DF3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658_v2:*:*:*:*:*:*:*", matchCriteriaId: "C0855225-F501-486A-BD03-2A86FD252B5A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658_v3:*:*:*:*:*:*:*", matchCriteriaId: "214C7B0C-C438-4000-9F9B-6D83294243AA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658_v4:*:*:*:*:*:*:*", matchCriteriaId: "4C91AA2E-4BB2-49C8-9364-4E363DF42CB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658a_v3:*:*:*:*:*:*:*", matchCriteriaId: "DA26781F-5A1C-4DA5-835E-D984D697F22B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2660:*:*:*:*:*:*:*", matchCriteriaId: "2EEA4222-F25D-4457-80AA-6D05CA918D68", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2660_v2:*:*:*:*:*:*:*", matchCriteriaId: "9F3E60D1-5CF9-4F96-9EDB-D87F8CF57272", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2660_v3:*:*:*:*:*:*:*", matchCriteriaId: "F4D321BC-6B1D-4C71-8E16-5A1319CEFD6C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2660_v4:*:*:*:*:*:*:*", matchCriteriaId: "6777AC35-9D1F-4153-94AC-B25627D730E6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2665:*:*:*:*:*:*:*", matchCriteriaId: "A5F063F4-8994-4E46-BA7B-A12A112009BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2667:*:*:*:*:*:*:*", matchCriteriaId: "4D6F2DE5-AF11-439A-8D37-30CB882ECD58", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2667_v2:*:*:*:*:*:*:*", matchCriteriaId: "E213DD86-5419-42C8-BF38-7795DDB3C582", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2667_v3:*:*:*:*:*:*:*", matchCriteriaId: "A972291E-5231-439D-873B-2F87BCAF800A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2667_v4:*:*:*:*:*:*:*", matchCriteriaId: "C089CC54-3229-43D7-AA15-73CFA1A43EE3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2670:*:*:*:*:*:*:*", matchCriteriaId: "EF268D83-C15D-4559-A46F-844E1D9264F0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2670_v2:*:*:*:*:*:*:*", matchCriteriaId: "CFE97C0D-3EA1-4314-A74A-7845C7778FB7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2670_v3:*:*:*:*:*:*:*", matchCriteriaId: "34293F29-F327-4ADD-BF62-78F63F79BB96", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2680:*:*:*:*:*:*:*", matchCriteriaId: "528C0A46-1CC4-4882-985A-0BB41525BC6B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2680_v2:*:*:*:*:*:*:*", matchCriteriaId: "643F3522-A452-4927-944D-532574EC4243", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2680_v3:*:*:*:*:*:*:*", matchCriteriaId: "58F40B78-4DBA-44EE-8420-086789EFF53D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2680_v4:*:*:*:*:*:*:*", matchCriteriaId: "423BFD8F-4B50-43DA-9979-75FD18FBC953", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2683_v3:*:*:*:*:*:*:*", matchCriteriaId: "8BAD4A68-0481-476F-BBBD-3D515331368C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2683_v4:*:*:*:*:*:*:*", matchCriteriaId: "838CEB7C-7C4C-416C-86CE-6E8DD47EF25B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2687w:*:*:*:*:*:*:*", matchCriteriaId: "CC7D021F-3C97-45B3-B1F7-0AC26959F22B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2687w_v2:*:*:*:*:*:*:*", matchCriteriaId: "4A31AEF3-448D-417B-9589-4BA0A06F2FE8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2687w_v3:*:*:*:*:*:*:*", matchCriteriaId: "F7A1D96F-7FFD-413F-ABCE-4530C3D63040", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2687w_v4:*:*:*:*:*:*:*", matchCriteriaId: "FDB2B08B-D3C7-4B82-B170-471D6CDEFAE5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2690:*:*:*:*:*:*:*", matchCriteriaId: "4B8343FE-1320-40AE-A37F-70EF1A4AC4B7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2690_v2:*:*:*:*:*:*:*", matchCriteriaId: "CD42BA5A-7DA0-409D-8685-E43CF9B61D9F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2690_v3:*:*:*:*:*:*:*", matchCriteriaId: "A5FF80E9-CF28-4EF6-9CFE-4B500A434674", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2690_v4:*:*:*:*:*:*:*", matchCriteriaId: "7896A6C6-5918-4C27-85AF-6FEEFC7F8FD6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2695_v2:*:*:*:*:*:*:*", matchCriteriaId: "647B77A4-2F49-4989-AF43-961D69037370", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2695_v3:*:*:*:*:*:*:*", matchCriteriaId: "805B1E33-F279-4303-9DF3-C81039A40C1C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2695_v4:*:*:*:*:*:*:*", matchCriteriaId: "B971EA9E-AE5C-4A1D-AD55-8241F7B38C9C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2697_v2:*:*:*:*:*:*:*", matchCriteriaId: "DE7E0AAE-6539-4024-9055-BE0BAD702143", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2697_v3:*:*:*:*:*:*:*", matchCriteriaId: "7F1A8828-0765-4799-AD6C-143F45FAAD23", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2697_v4:*:*:*:*:*:*:*", matchCriteriaId: "12D34618-1CCA-405B-A49C-EB384A09C2C6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2697a_v4:*:*:*:*:*:*:*", matchCriteriaId: "575D6061-66BC-4862-BC84-ECD82D436E2A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2698_v3:*:*:*:*:*:*:*", matchCriteriaId: "56B6EE64-1AD4-46B2-BA65-BB6282E56EB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2698_v4:*:*:*:*:*:*:*", matchCriteriaId: "11650B45-0BDA-42BF-AEF3-83B48DD6A71D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2699_v3:*:*:*:*:*:*:*", matchCriteriaId: "BD3C92BA-827B-48AF-BBB3-FB60A9053C22", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2699_v4:*:*:*:*:*:*:*", matchCriteriaId: "AC097E24-F6C9-40D9-95E9-7EFDFA61AFF5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2699a_v4:*:*:*:*:*:*:*", matchCriteriaId: "5EB44CA7-DFE6-4B1A-9A63-97AE30017E49", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2699r_v4:*:*:*:*:*:*:*", matchCriteriaId: "4B305EFA-6226-412C-90EE-F0691F2DDDE0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4603:*:*:*:*:*:*:*", matchCriteriaId: "7F3874FA-63CB-4B5D-8B64-CE920320A4E6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4603_v2:*:*:*:*:*:*:*", matchCriteriaId: "0800ED17-50E4-43F3-B46C-591DFA818BA5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4607:*:*:*:*:*:*:*", matchCriteriaId: "A46B0405-F301-4209-8766-6E12EAFAD157", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4607_v2:*:*:*:*:*:*:*", matchCriteriaId: "F99F9F1F-A967-4884-96CF-4488102DC0A2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4610:*:*:*:*:*:*:*", matchCriteriaId: "DA9B37AD-4599-425B-B39F-E571F4975266", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4610_v2:*:*:*:*:*:*:*", matchCriteriaId: "C5A5F1CF-A1E6-45F1-8B09-36566778DB57", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4610_v3:*:*:*:*:*:*:*", matchCriteriaId: "698C8A49-888B-4675-B3B0-25EDE2FD515E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4610_v4:*:*:*:*:*:*:*", matchCriteriaId: "70D98F97-8EF4-48B5-84BE-C3CC27031FDA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4617:*:*:*:*:*:*:*", matchCriteriaId: "B473D1FA-909B-492E-9C5B-94B0E20E1C0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4620:*:*:*:*:*:*:*", matchCriteriaId: "BFD5EA7E-322E-4CE6-89D4-7DB1055C9034", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4620_v2:*:*:*:*:*:*:*", matchCriteriaId: "67836379-4E1A-45CD-9506-7D3F612E47C8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4620_v3:*:*:*:*:*:*:*", matchCriteriaId: "5B1BBC61-8664-4452-93A7-DDB4D2E4C802", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4620_v4:*:*:*:*:*:*:*", matchCriteriaId: "C4F1B50C-FC5F-47F4-87BC-60E1BD3DD1F2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4624l_v2:*:*:*:*:*:*:*", matchCriteriaId: "044F0375-DF2F-4D9B-AD7E-473D34165E8C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4627_v2:*:*:*:*:*:*:*", matchCriteriaId: "2CEE9B72-5C4C-40C0-A8A7-9DF11655DA43", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4627_v3:*:*:*:*:*:*:*", matchCriteriaId: "4A0655CA-A88C-4632-9A18-560E3F63B2F7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4627_v4:*:*:*:*:*:*:*", matchCriteriaId: "8C1454DD-DA51-4CBC-8BB2-09D5AB5777DB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4628l_v4:*:*:*:*:*:*:*", matchCriteriaId: "C6965851-3B29-4C21-9556-97FD731EAA85", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4640:*:*:*:*:*:*:*", matchCriteriaId: "52984FD2-44E0-4E91-B290-0376737EEF6F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4640_v2:*:*:*:*:*:*:*", matchCriteriaId: "4C5D92E2-E718-4247-BA5D-DFE86C0F6AAE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4640_v3:*:*:*:*:*:*:*", matchCriteriaId: "DF933366-7503-4F8D-B7AA-F6A16210EC37", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4640_v4:*:*:*:*:*:*:*", matchCriteriaId: "4E2DAF5D-5BB7-49C6-8426-8B547505B6FC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4648_v3:*:*:*:*:*:*:*", matchCriteriaId: "3EABB21D-D021-434B-B147-CAF687097A5B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650:*:*:*:*:*:*:*", matchCriteriaId: "7609424D-95F1-4493-A20C-B1BA4EC6439D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650_v2:*:*:*:*:*:*:*", matchCriteriaId: "966DC636-C802-4D9F-8162-652AFB931203", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650_v3:*:*:*:*:*:*:*", matchCriteriaId: "A75794EB-A5AF-43F0-985F-D9E36F04C6D4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650_v4:*:*:*:*:*:*:*", matchCriteriaId: "31C2CFF0-98FD-4A0D-8949-D554B2FE53D4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650l:*:*:*:*:*:*:*", matchCriteriaId: "05F9217F-5028-4659-AA8E-F60548DE4D52", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4655_v3:*:*:*:*:*:*:*", matchCriteriaId: "4AC769DC-CF2E-4A3C-A610-264F024E6279", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4655_v4:*:*:*:*:*:*:*", matchCriteriaId: "9B2B1CBF-D155-49BC-81A4-4172F177A5C2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4657l_v2:*:*:*:*:*:*:*", matchCriteriaId: "370B2B32-519E-4373-8A04-5C5025D688BB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4660_v3:*:*:*:*:*:*:*", matchCriteriaId: "83D9B562-C279-4A55-A347-F28FC4F9CD12", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4660_v4:*:*:*:*:*:*:*", matchCriteriaId: "2A8C2BA0-48A8-4107-8681-A7C34C553D8C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4667_v3:*:*:*:*:*:*:*", matchCriteriaId: "B1B009DE-A82F-4569-9B42-EC1EC4DA8A40", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4667_v4:*:*:*:*:*:*:*", matchCriteriaId: "683B6E83-37FF-4F9B-915F-059EBB29DB53", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4669_v3:*:*:*:*:*:*:*", matchCriteriaId: "E218718F-4BE6-48B0-A204-9DD4A932A654", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4669_v4:*:*:*:*:*:*:*", matchCriteriaId: "FB0AB327-B60A-473C-9D36-97766EE62D7D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1428l:-:*:*:*:*:*:*:*", matchCriteriaId: "3DA249EE-4786-4E27-8787-5E8B88C2AEB9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1428l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "CEBD0529-1CF3-44E5-85B3-19A3323C9493", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1428l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "D664EE97-07EC-410F-94C3-AEAB2C6A627D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1620:-:*:*:*:*:*:*:*", matchCriteriaId: "D31DB981-03B1-4A84-8D87-CD407C3C149F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1620_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "0CBD155D-89D9-4677-A621-4D7613BE65C6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1620_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "D02BD0D4-FFFD-4355-97D8-170362F10B9F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1620_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "6635781A-2651-4EF2-A5AC-AEEEE63FDE6D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1630_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "8DCE6930-760A-48C0-B964-1E3ED6A8517C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1630_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "9E52DE90-DF96-4CE7-B8D1-226BA50E4D09", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1650:-:*:*:*:*:*:*:*", matchCriteriaId: "C8EB40E7-9B91-4106-B303-2B70AF395BFA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1650_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "EAB0D5CD-8AF3-409D-96A7-718641D4B90D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1650_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "6E420B0B-0CD5-41C7-B25A-3DB856055F9E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1650_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "8B0C295B-0D63-4BE7-830D-D927E00C301C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1660:-:*:*:*:*:*:*:*", matchCriteriaId: "605C340D-2220-4669-B827-9009CB099E8B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1660_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "8791879D-2908-4F57-8DB3-6D24100A9108", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1660_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "CEBEDBBA-0427-4DE0-BA8D-737DE7DF80E6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1660_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "E823DC5B-98BE-4656-BFBF-3A7018F8F213", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1680_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "64E8D558-ADE0-4358-9C76-7BD77BF23AA1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1680_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "7973B3D0-F244-4E26-88F5-A2D9BF2E4503", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2403:-:*:*:*:*:*:*:*", matchCriteriaId: "68E6BAB9-CBA4-4362-BC82-00D2C5CC6FB4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2403_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "CD3F4BFF-3CBE-4E4B-8B29-B203F99CFD8A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2407:-:*:*:*:*:*:*:*", matchCriteriaId: "3F5CB567-4F86-4466-BE4D-BFF557ACAE0A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2407_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "8A52611B-6583-4660-90D7-C9472728072B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2408l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "E80C6E89-B57C-47BB-8B95-50C03DFB3B96", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2418l:-:*:*:*:*:*:*:*", matchCriteriaId: "A9AB685B-FEE1-41EF-A046-1B34619E12A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2418l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "DB9F6724-967A-4AF0-9896-12BF6164B2CB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2418l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "FC1116BF-12D7-47CC-98DB-18B200CF9C16", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2420:-:*:*:*:*:*:*:*", matchCriteriaId: "9FBB28DE-726B-4AF0-88A5-35987E1E648B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2420_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "5EA1DB22-8FBF-4CF6-AA96-5B68EE28877D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2428l:-:*:*:*:*:*:*:*", matchCriteriaId: "1880E2B8-5E0E-4603-8D17-3ABA43D28179", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2428l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2FAFBB92-1917-4238-832B-195FBE418271", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2428l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "91DFDF3F-9A3F-42B8-99A1-A3F76B198358", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2430:-:*:*:*:*:*:*:*", matchCriteriaId: "8778F972-BF34-482F-9FA7-71A77F6138E1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2430_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "8F288BB0-FE7A-4900-B227-BE80E4F4AADF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2430l:-:*:*:*:*:*:*:*", matchCriteriaId: "3A8DC53A-90C6-47FE-89F1-A1FE8B1C07A9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2430l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "57E16338-A094-4CA9-B77F-6FE42D3B422C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2438l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "4E07AB33-5351-487D-9602-495489C7C0B8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2440:-:*:*:*:*:*:*:*", matchCriteriaId: "22115ED6-1707-4840-B0D1-AD36BC0C75A8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2440_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "C7C633BC-831F-4CB7-9D62-16693444B216", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2448l:-:*:*:*:*:*:*:*", matchCriteriaId: "9CF5EE7E-F41B-44EC-9F69-7963B1BF1FB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2448l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6DD501E1-E78F-44C6-8A13-C29337B07EBE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2450:-:*:*:*:*:*:*:*", matchCriteriaId: "9085BA0B-B7E2-4908-90C0-B4183891C718", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2450_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "F2267CB8-0EE9-4DBD-AD5F-8A13BB62673C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2450l:-:*:*:*:*:*:*:*", matchCriteriaId: "81971C2F-137A-4F11-8C93-3B99D4CD1B58", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2450l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "98E0BDAC-398E-406B-B2DB-AE049D6E98B1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2470:-:*:*:*:*:*:*:*", matchCriteriaId: "FCB66D7E-B465-4A8B-8CBD-7E93CCA2CD6F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2470_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "86AFDE6C-DE58-4C4D-882E-474EF6C3D934", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2603:-:*:*:*:*:*:*:*", matchCriteriaId: "950C6BF9-AA47-4287-AC01-D183237490FA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2603_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2355181D-D8EE-4F80-8280-13D5CBCF4779", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2603_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "5209343F-66B0-4DC0-9111-E2E64CFF7409", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2603_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "720109A6-B79E-48E1-9AE7-7708B154788E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2608l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "82FF0DBD-AE13-4232-80F7-F4C2E2CC9721", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2608l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "E5E944ED-8C02-46B8-BF95-0CE4C352753B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2609:-:*:*:*:*:*:*:*", matchCriteriaId: "77AEA3D1-4846-46E2-9B80-20B19F00DC11", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2609_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "1576978F-E93D-4A47-90B6-6A4E3A7DE558", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2609_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "0D339FE5-001F-4005-88A5-CFFE37F9B63E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2609_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "1BDABA86-497E-497E-A5BA-46F913A4840A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2618l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "DD886F4C-DB6F-4DDD-9807-8BCBB625C226", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2618l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "9E16912A-7F6A-4A2B-B70F-D1FCD34BC7DB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2618l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "F4C454B7-E5F4-4AAE-B577-FD71FA002C8A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2620:-:*:*:*:*:*:*:*", matchCriteriaId: "38BE2781-3A06-4D62-AC8B-68B721DA526B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2620_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "E9AE4EA5-B8C8-4AE2-9614-F9DBDB4D79DC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2620_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "2DA23772-2EB8-4BEE-8703-26D967EC4503", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2620_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "72DC766A-B1F9-4B83-9F9B-CF603EE476BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2623_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "EA594740-43C5-4F42-BA5B-00CA8AE7BB60", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2623_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "572B16E2-8118-43A0-9A80-5D96831D55FD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2628l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9FB5C551-BADC-4A3A-93E5-2EBCA0704C51", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2628l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "5383B7A3-1569-4FEB-B299-B87CE8C8A87B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2628l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "A05BBDE0-6C47-4489-9455-7DA7D230ECA1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630:-:*:*:*:*:*:*:*", matchCriteriaId: "1789AA69-EA31-44D1-82E6-228E48E18586", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "B4A7D5FF-3B1F-4C64-BB81-7A349765520D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "D93A92E9-C8D2-4F6E-A5CA-E8AFFEEC7E13", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "0F0498B3-393A-4C32-B338-E6014B956755", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630l:-:*:*:*:*:*:*:*", matchCriteriaId: "C451F752-6869-4AFA-BAE5-5C9A54427BF2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "83710FD1-099B-436D-9640-061D515E10BA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "517B71CE-6156-40E1-B068-A2B733E205E3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "11DEEEE5-5055-4CE1-962C-C5F075F4CC02", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2637:-:*:*:*:*:*:*:*", matchCriteriaId: "8718DDAB-3208-48CF-9BCE-54DA1257C16A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2637_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1AA901-E822-4240-9D82-C9311E4F87B2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2637_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C1CDE3DF-8E79-4997-94EB-B517FFCAE55C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2637_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "12A0DE13-EB0B-493B-BC84-3AEB3D454776", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2640:-:*:*:*:*:*:*:*", matchCriteriaId: "1727697B-1F59-4E29-B036-C32E9076C523", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2640_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "E69E827C-C0D0-46C7-913A-1C1E02CEAACE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2640_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "2528F3F9-34DC-41DA-8926-382CB3EF5560", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2640_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "E452C262-5A8D-4D97-BC7F-A4F5FF53A659", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2643:-:*:*:*:*:*:*:*", matchCriteriaId: "9D57BF69-D750-4278-98AA-976B0D28E347", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2643_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "76ADAE30-6CAD-4F5B-B6F7-C18953144C63", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2643_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "8A25D792-E21D-43EE-8B9D-67DE066DE5DE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2643_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "2C669783-C058-4B4F-BB9A-84B2C4682247", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2648l:-:*:*:*:*:*:*:*", matchCriteriaId: "159B088B-9A85-4CAA-854A-AA080E528F95", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2648l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "FBE74A94-FE8F-4749-A35A-AB7D57E24913", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2648l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "990AC341-0E67-4A81-87E9-EE3EFD9E847E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2648l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "53BC18B0-58F1-4477-9978-CA7383C197FB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650:-:*:*:*:*:*:*:*", matchCriteriaId: "474992FB-842D-4661-A565-44AF2CD78693", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "476E1B79-5342-4895-96D7-E97DFC1F5334", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "EBD318D5-89A6-4E28-939C-C5B61396806B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "981AD3FF-1D14-4ECD-8B6F-BCEB7F2409AF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650l:-:*:*:*:*:*:*:*", matchCriteriaId: "A32C7E89-32ED-4328-9313-FA7D3DDBDC58", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2792EED8-2CBD-478E-BC09-05FE830B3147", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "97B1AF2F-6E48-4DBD-A60E-3088CA4C3771", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2803:*:*:*:*:*:*:*", matchCriteriaId: "34E1691D-65B3-45E4-A544-8B29E38D569D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2820:*:*:*:*:*:*:*", matchCriteriaId: "E42F2703-B8AB-410E-AF7B-CD0BE777F061", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2830:*:*:*:*:*:*:*", matchCriteriaId: "31244C94-00A3-499C-A91A-1BEF2FB0E6B9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2850:*:*:*:*:*:*:*", matchCriteriaId: "878FF6E8-8A6D-44CE-9DD1-2C912AB8A193", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2850_v2:*:*:*:*:*:*:*", matchCriteriaId: "5078A95B-2BD8-4A37-A356-F53D1A53CB37", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2860:*:*:*:*:*:*:*", matchCriteriaId: "0BFE67CD-DE53-4C4E-8245-35902AEFA6E8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2870:*:*:*:*:*:*:*", matchCriteriaId: "9F231D31-3AAD-4C5D-A225-D2DF94486718", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2870_v2:*:*:*:*:*:*:*", matchCriteriaId: "5998DF5D-E785-45EC-B8D0-1F4EC4F96D50", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2880_v2:*:*:*:*:*:*:*", matchCriteriaId: "EADFD013-0BFB-427C-98E6-F9E4774DCBC9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2890_v2:*:*:*:*:*:*:*", matchCriteriaId: "58620B10-FEA6-456D-B6B5-2745F5DBE82D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4807:*:*:*:*:*:*:*", matchCriteriaId: "E8F698B1-D9CF-4FE5-933D-EFCEA3056E3D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4809_v2:*:*:*:*:*:*:*", matchCriteriaId: "4858A1F0-97F2-4258-AB98-027BF1EC5117", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4809_v3:*:*:*:*:*:*:*", matchCriteriaId: "3C961A8B-EAFD-4F66-9432-BCC0D154ECCE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4809_v4:*:*:*:*:*:*:*", matchCriteriaId: "052DE6CD-A1E7-4E81-B476-66EF451061C4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4820:*:*:*:*:*:*:*", matchCriteriaId: "3BE1AE1E-6FC0-41D8-857C-C5A99CAF5823", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4820_v2:*:*:*:*:*:*:*", matchCriteriaId: "751B3AC8-D45E-46B6-83D5-311B693F3C0D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4820_v3:*:*:*:*:*:*:*", matchCriteriaId: "9588277A-0B97-4408-9CF7-11271CDAADD6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4820_v4:*:*:*:*:*:*:*", matchCriteriaId: "479FE854-85E5-4ED0-BFAF-2618C9053082", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4830:*:*:*:*:*:*:*", matchCriteriaId: "E048B9BF-77C8-49F7-9F2D-9999F79BA264", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4830_v2:*:*:*:*:*:*:*", matchCriteriaId: "6CD16D4D-E816-486D-96F4-5A2BF75B959F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4830_v3:*:*:*:*:*:*:*", matchCriteriaId: "169C558E-1A83-47D5-A66B-035BD1DD56FF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4830_v4:*:*:*:*:*:*:*", matchCriteriaId: "D683E509-3FB2-4175-BCAB-4EB1B5C04958", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4850:*:*:*:*:*:*:*", matchCriteriaId: "6FCFA915-5445-4732-9F8F-D7561BA4177F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4850_v2:*:*:*:*:*:*:*", matchCriteriaId: "63A9FD98-C22D-48F6-87A1-60791C818A1E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4850_v3:*:*:*:*:*:*:*", matchCriteriaId: "85F99F24-1783-4E6E-BE61-04C2E80356ED", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4850_v4:*:*:*:*:*:*:*", matchCriteriaId: "74CC7EB9-3F59-4C0A-B3A1-984BCCFB25BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4860:*:*:*:*:*:*:*", matchCriteriaId: "85289E4C-C813-4677-867D-EE8E98F4A1A3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4860_v2:*:*:*:*:*:*:*", matchCriteriaId: "27C8150F-BEFA-406D-9F0D-E7CB187E26AB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4870:*:*:*:*:*:*:*", matchCriteriaId: "1E807F90-819F-4103-B1F7-4CE46971BD63", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4870_v2:*:*:*:*:*:*:*", matchCriteriaId: "CD93203F-71B9-4F87-B5D8-FD273451C8A2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4880_v2:*:*:*:*:*:*:*", matchCriteriaId: "1E652C74-C48D-4F29-9E85-09325632443F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4890_v2:*:*:*:*:*:*:*", matchCriteriaId: "99158191-3013-4182-8A53-5DFCA1E2C60A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8830:*:*:*:*:*:*:*", matchCriteriaId: "F7E39A3E-7EAE-47C9-930B-58A980B73FC5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8837:*:*:*:*:*:*:*", matchCriteriaId: "FFDA54BA-C00D-4890-9B7F-328257607B21", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8850:*:*:*:*:*:*:*", matchCriteriaId: "1F5EFB1E-334C-4B55-8E2E-6AE19B34774D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8850_v2:*:*:*:*:*:*:*", matchCriteriaId: "B8260DCA-2F0C-45F7-B35F-D489AF5639F2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8857_v2:*:*:*:*:*:*:*", matchCriteriaId: "7778F81B-6D05-4666-B1D4-53DB0EC16858", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8860:*:*:*:*:*:*:*", matchCriteriaId: "5DC6706A-61F7-4AA0-B2FF-0FFDF739A644", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8860_v3:*:*:*:*:*:*:*", matchCriteriaId: "7EF1B16B-02F2-4ECA-938E-B5CDCFC67816", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8860_v4:*:*:*:*:*:*:*", matchCriteriaId: "3C5501D8-1B0D-4F5A-AFD7-C63181D3281F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8867_v3:*:*:*:*:*:*:*", matchCriteriaId: "1751F0CE-A0D3-40E2-8EEC-D31141FE33A8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8867_v4:*:*:*:*:*:*:*", matchCriteriaId: "5FF9AFA7-BBE8-4229-94CB-5A9596728BA5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8867l:*:*:*:*:*:*:*", matchCriteriaId: "E23A777F-68A4-4217-A75A-4D8A27E6451A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8870:*:*:*:*:*:*:*", matchCriteriaId: "2CA27DFB-CDD1-4F52-86B3-DB2320A9C7B2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8870_v2:*:*:*:*:*:*:*", matchCriteriaId: "392A4337-11F6-4980-A138-4FDBCAD0EBA4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8870_v3:*:*:*:*:*:*:*", matchCriteriaId: "E2E9BB67-F1FF-4190-889F-78B965CCE934", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8870_v4:*:*:*:*:*:*:*", matchCriteriaId: "F4185A70-5D10-448E-A9AB-AA9D5CDF0FF8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880_v2:*:*:*:*:*:*:*", matchCriteriaId: "35607317-0928-4297-A33E-D44BEE1BBEC9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880_v3:*:*:*:*:*:*:*", matchCriteriaId: "D48323B1-7FEB-451F-A064-23E7CE7F6403", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880_v4:*:*:*:*:*:*:*", matchCriteriaId: "29EF4E8A-EF37-4DCC-B5D4-DA89AF31DD18", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880l_v2:*:*:*:*:*:*:*", matchCriteriaId: "F5763189-7980-4A72-92C9-1908FE9E15EF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880l_v3:*:*:*:*:*:*:*", matchCriteriaId: "C53ACD49-DA21-4DDE-A0AA-FCCD59D29886", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8890_v2:*:*:*:*:*:*:*", matchCriteriaId: "4326D350-EBC2-48E6-A2C6-0499F6826CEE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8890_v3:*:*:*:*:*:*:*", matchCriteriaId: "8594E6FE-B6DB-4343-B3DD-AEC19923DAF9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8890_v4:*:*:*:*:*:*:*", matchCriteriaId: "5BCADA00-E453-414D-9933-FCB43D21BBC3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8891_v2:*:*:*:*:*:*:*", matchCriteriaId: "E62212D9-F707-4A8E-AB2A-A3985E7A4049", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8891_v3:*:*:*:*:*:*:*", matchCriteriaId: "561755A8-8AAD-4F41-8266-747EFDAF2D55", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8891_v4:*:*:*:*:*:*:*", matchCriteriaId: "E6F4BB0F-DAF4-479B-B78A-7929C151AA1B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8893_v2:*:*:*:*:*:*:*", matchCriteriaId: "A207312E-1D35-4464-A111-22C4C793E146", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8893_v3:*:*:*:*:*:*:*", matchCriteriaId: "E9B16E32-07D5-445B-BAA5-4E4A0881BFC1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8893_v4:*:*:*:*:*:*:*", matchCriteriaId: "7CF08F6B-2ECB-414C-82D7-C06085BF8B10", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8894_v4:*:*:*:*:*:*:*", matchCriteriaId: "21032BE3-74D8-4C3F-B461-158F475B6853", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*", matchCriteriaId: "2F9AC992-59B7-44EE-9FF3-567AC48938AA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:85115:*:*:*:*:*:*:*", matchCriteriaId: "9DB6A2ED-D433-4A8E-8044-02571D0BBD92", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:85118:*:*:*:*:*:*:*", matchCriteriaId: "4F819519-61B6-4ED0-8A23-509D6B26ACE1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:85119t:*:*:*:*:*:*:*", matchCriteriaId: "E2D81C40-4BD0-4D25-95B4-44BE2011F117", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:85120:*:*:*:*:*:*:*", matchCriteriaId: "85C3A39E-29D3-4C02-89A6-D5B3475EF592", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:85120t:*:*:*:*:*:*:*", matchCriteriaId: "C70340A2-71DC-4D4D-BA2E-2B2E9ACDBE5F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:85122:*:*:*:*:*:*:*", matchCriteriaId: "586DB792-9FF6-4253-9DAE-F3ACA3F1C489", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86126:*:*:*:*:*:*:*", matchCriteriaId: "330576E9-3A92-4E22-BBC0-94A12ACE1032", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86126f:*:*:*:*:*:*:*", matchCriteriaId: "5C644430-A075-40E1-8E35-15B97D8E9078", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86126t:*:*:*:*:*:*:*", matchCriteriaId: "BAC094AC-0A3A-43F3-823A-089235D04A7C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86128:*:*:*:*:*:*:*", matchCriteriaId: "5835FB20-922D-4478-8E4B-A53CCEE46198", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86130:*:*:*:*:*:*:*", matchCriteriaId: "667A34BF-8699-477D-B30A-CEF0A36FC81B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86130f:*:*:*:*:*:*:*", matchCriteriaId: "FE586938-ED60-40EA-8177-30267C7A3E58", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86130t:*:*:*:*:*:*:*", matchCriteriaId: "CF902C36-0708-4B93-9504-5EA7EEDD628F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86132:*:*:*:*:*:*:*", matchCriteriaId: "F0BC5EBB-2F1A-45C4-A8A7-122FBE4CBC93", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86134:*:*:*:*:*:*:*", matchCriteriaId: "795F5800-8C06-426B-80AA-20F8E402ACAE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86134m:*:*:*:*:*:*:*", matchCriteriaId: "173E49AF-95A9-4DAE-8C74-13CFCA8F0726", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86136:*:*:*:*:*:*:*", matchCriteriaId: "ECE96391-4F25-4505-B757-D1F15ABD9FAA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86138:*:*:*:*:*:*:*", matchCriteriaId: "D037E4BA-35B9-42CB-9DDE-BED3DF49B958", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86138f:*:*:*:*:*:*:*", matchCriteriaId: "43288516-FA4D-4D8F-9E69-EA27115EB43B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86138t:*:*:*:*:*:*:*", matchCriteriaId: "13EF19E9-FE9A-4ED7-8D9E-848F10C088B0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86140:*:*:*:*:*:*:*", matchCriteriaId: "4EB72D0E-0E34-4EF3-98FB-52BE4A135D2A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86140m:*:*:*:*:*:*:*", matchCriteriaId: "6DDE7F94-D938-40BA-A1F6-CE52D0B74ECB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86142:*:*:*:*:*:*:*", matchCriteriaId: "B0E39247-337C-49D1-BF1B-504F2DA4EBA4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86142f:*:*:*:*:*:*:*", matchCriteriaId: "A45FA7CB-6523-4042-8832-193D87102F57", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86142m:*:*:*:*:*:*:*", matchCriteriaId: "61E350A6-9EC7-4E14-9790-040F154CE15D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86144:*:*:*:*:*:*:*", matchCriteriaId: "A8D70B4E-6B85-459C-AACA-59AB5CCC0B38", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86146:*:*:*:*:*:*:*", matchCriteriaId: "565EB5E9-3B86-4353-BFF6-3F5D27140B42", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86148:*:*:*:*:*:*:*", matchCriteriaId: "A32CBB5D-392A-4CD1-82D3-A97D822FADFE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86148f:*:*:*:*:*:*:*", matchCriteriaId: "383E08FE-EE7A-4E41-9AAD-786779D4B5E3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86150:*:*:*:*:*:*:*", matchCriteriaId: "2D50C6D5-3452-4214-B3FF-9F8009D75C3A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86152:*:*:*:*:*:*:*", matchCriteriaId: "A93954C6-9B01-4CEB-8925-5D3F415AFC1B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:86154:*:*:*:*:*:*:*", matchCriteriaId: "7B7D54E5-6EDE-44DE-AEA6-F7F76E3EC36F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*", matchCriteriaId: "8CB2949C-4699-49EF-83EB-31199E0CE2DF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*", matchCriteriaId: "66C169DC-EEFE-4DE6-A3D0-65B606527240", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*", matchCriteriaId: "FD28227A-8888-43B2-BC41-8D54B49DA58C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*", matchCriteriaId: "7984BAEA-4518-4E17-830E-B34D09648BD8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*", matchCriteriaId: "2C2214E5-491E-448F-A4B6-A497FB44D722", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*", matchCriteriaId: "2AE93013-C262-46A5-8E77-D647881EE632", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*", matchCriteriaId: "85B53CEC-943F-4966-8EC1-CB2C6AD6A15B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*", matchCriteriaId: "EEAC04A3-EBE3-406B-B784-A3547162ECE4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*", matchCriteriaId: "15720FFE-B2A4-4347-BCD7-DFA6774C0B8F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*", matchCriteriaId: "50F46B0E-C746-44B4-B343-E3DCAB4B98DE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*", matchCriteriaId: "5AE30903-4F75-4D71-A8BB-44D1099E9837", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*", matchCriteriaId: "98311EAA-26C8-4092-8BE5-4E7BEAA68DD4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*", matchCriteriaId: "DB8CF348-811C-4342-ACB9-AFCABCC34331", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*", matchCriteriaId: "71998EC5-EC0F-496C-B658-3CD91D824944", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*", matchCriteriaId: "A1F19B2A-E7A1-4B97-AC40-02B0D3673555", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*", matchCriteriaId: "CB6387C9-C0A8-4B26-BC62-802775CD0AD3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*", matchCriteriaId: "EFEB0164-77C2-4EC2-92FD-5FCE246119CB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*", matchCriteriaId: "FDB20210-337C-4220-8CA1-F4B2BC54EBC3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*", matchCriteriaId: "F699569F-4F52-4CC0-90D9-CC4CBC32428A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*", matchCriteriaId: "CBAED22B-D097-49C4-ADDF-4B3F3E1262D6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*", matchCriteriaId: "ACF5C3C2-EE69-4DE7-A76C-C797192EE7A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*", matchCriteriaId: "7756B588-5A63-4508-8BDD-92DB8CB0F4AD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*", matchCriteriaId: "316E26AE-67A5-4E75-8F9B-ECF4A03AED51", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a:15:*:*:*:*:*:*:*", matchCriteriaId: "001AB619-157E-40B4-B86C-5DB18245D62F", vulnerable: true, }, { criteria: "cpe:2.3:h:arm:cortex-a:57:*:*:*:*:*:*:*", matchCriteriaId: "38D51E27-28A3-47A1-9C36-1A223858E352", vulnerable: true, }, { criteria: "cpe:2.3:h:arm:cortex-a:72:*:*:*:*:*:*:*", matchCriteriaId: "365DF3EF-E7D1-41FC-8382-D3B095542D59", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*", matchCriteriaId: "AFB0FFE3-4BE1-4024-BCC6-1B87074DE2E3", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*", matchCriteriaId: "9DAA72A4-AC7D-4544-89D4-5B07961D5A95", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*", matchCriteriaId: "E8B8C725-34CF-4340-BE7B-37E58CF706D6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", matchCriteriaId: "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*", matchCriteriaId: "4D4AC996-B340-4A14-86F7-FF83B4D5EC8F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.2:*:*:*:*:*:*:*", matchCriteriaId: "E938A8EB-68FE-427B-B67E-C880FBF54BBE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", matchCriteriaId: "967EC28A-607F-48F4-AD64-5E3041C768F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "807C024A-F8E8-4B48-A349-4C68CD252CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", matchCriteriaId: "92C9F1C4-55B0-426D-BB5E-01372C23AF97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "AF83BB87-B203-48F9-9D06-48A5FE399050", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "16E6D998-B41D-4B49-9E00-8336D2E40A4A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "13E02156-E748-4820-B76F-7074793837E1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "6755B6AD-0422-467B-8115-34A60B1D1A40", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D5F7E11E-FB34-4467-8919-2B6BEAABF665", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:*", matchCriteriaId: "1F3EFED2-F6BC-46D9-AB22-D5ED87EF4549", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", matchCriteriaId: "9070C9D8-A14A-467F-8253-33B966C16886", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:itc1500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BC8E8CF-2507-49DE-BF54-CCF16A2861F5", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:itc1500:3:*:*:*:*:*:*:*", matchCriteriaId: "742BCB01-8856-4F6F-86B6-A1DB878C3062", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:itc1500_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5178C320-CDB7-4180-951B-BFBCFAFB7FAA", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:itc1500_pro:3:*:*:*:*:*:*:*", matchCriteriaId: "EEE4079D-C47A-4D57-9B37-947DE42F8A60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:itc1900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E1F645D-141D-4BCB-8F90-4A7BCC08988B", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:itc1900:3:*:*:*:*:*:*:*", matchCriteriaId: "B203F60B-0694-4B46-96CB-E8C5E4375E85", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:itc1900_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F702CAFB-3ED9-4185-9781-1DAA8A0B01DD", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:itc1900_pro:3:*:*:*:*:*:*:*", matchCriteriaId: "0C231846-D2BC-428F-AADE-A7E09DB3A547", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:itc2200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CBA817DF-52C1-4FCC-A661-F81D923A18EF", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:itc2200:3:*:*:*:*:*:*:*", matchCriteriaId: "D00016F2-3E88-4F57-AD2B-378153E73956", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:itc2200_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B30A4009-B0DD-492E-AEC1-985261707AC3", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:itc2200_pro:3:*:*:*:*:*:*:*", matchCriteriaId: "C4ED0315-9898-4110-96AB-5C198357ED83", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:local_service_management_system:*:*:*:*:*:*:*:*", matchCriteriaId: "7E49B728-E8DE-4B23-9564-7BFDED6F299E", versionEndIncluding: "13.3", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*", matchCriteriaId: "8E8C192B-8044-4BF9-9F1F-57371FC0E8FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_ape_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "48B6FA71-3077-4202-A9A1-CBDF9AE2521E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_ape:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4F2A68-3715-4F86-BEEC-8C4D4341B100", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et_200_sp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B42251AC-8FED-4BDE-93B3-5203F32D6313", versionEndExcluding: "2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et_200_sp:-:*:*:*:*:*:*:*", matchCriteriaId: "4A661231-49DF-477F-954A-702839A9266B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_field_pg_m4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8CAD5D20-80DB-4A09-AFBA-BCA594DE3B93", versionEndExcluding: "18.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_field_pg_m4:-:*:*:*:*:*:*:*", matchCriteriaId: "7ADAD919-32C1-49D2-A419-C9A803DB6250", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "503E551C-FC5F-4ABC-8DEA-E360701F0B33", versionEndExcluding: "22.01.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*", matchCriteriaId: "506DEE00-30D2-4E29-9645-757EB8778C0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc3000_smart_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "664FC58B-33E9-43E4-A87E-5C78F935C332", versionEndExcluding: "1.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc3000_smart:2:*:*:*:*:*:*:*", matchCriteriaId: "4809A582-BC22-41A0-815A-32CF2BA197F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc347e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45509778-898E-45DF-B14E-68B6C456B9B6", versionEndExcluding: "1.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc347e:-:*:*:*:*:*:*:*", matchCriteriaId: "49D276DE-950F-4A61-BA13-DD5D07A17571", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc427c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D2AB7B8D-D6FB-43A0-865D-58D4CDF96C06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc427c:-:*:*:*:*:*:*:*", matchCriteriaId: "DEA7336B-85CA-4A15-B7A6-D20B67041CCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc427d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FBA3B550-EB8B-4EBB-A1F0-14152A6791DD", versionEndExcluding: "17.0x.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc427d:-:*:*:*:*:*:*:*", matchCriteriaId: "46CC8AFE-ED6C-4A50-AC80-D2309E03FAE4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33F546AF-8F80-4E0A-9B92-86E3A1F931C0", versionEndExcluding: "21.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*", matchCriteriaId: "A40D0CDB-7BE6-491F-B730-3B4E10CA159A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc477c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D55FC2D5-DCF6-4A24-873F-D0CF80DB3921", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc477c:-:*:*:*:*:*:*:*", matchCriteriaId: "4E4335E3-D2BB-4465-BBC8-611C7F85BEF8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc477d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "435F7F3C-7483-4101-BC0A-E1E2BB66D6C1", versionEndExcluding: "17.0x.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc477d:-:*:*:*:*:*:*:*", matchCriteriaId: "754A6744-5194-4A99-BD3B-944A8707C80F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5B6E6B-16A0-4236-AABE-82385B53EC78", versionEndExcluding: "21.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*", matchCriteriaId: "FDF9D4C3-1892-48FA-95B4-835B636A4005", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "224D0968-6414-41F7-8929-C69D524A416F", versionEndExcluding: "21.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "3FC5CE20-7D08-4496-A857-C3A4BD0AB1AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D476D093-4A97-499C-B40D-7A301BC9AA2E", versionEndExcluding: "r1.30.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc547e:-:*:*:*:*:*:*:*", matchCriteriaId: "D9DD4A97-1648-4C7F-A5A0-6899BD13A617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "940CCA5A-EC4A-4D46-B56C-4FC3698707E0", versionEndExcluding: "r1.23.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*", matchCriteriaId: "9EB339B5-602F-4AB5-9998-465FDC6ABD6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc627c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "203B30DB-52C6-48ED-8A94-76F775DA1198", versionEndExcluding: "15.02.15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc627c:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1A57A9-F6E5-4672-BD22-09EF5522CA10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "790D244A-AC3D-4BBC-9139-A90048FD375A", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*", matchCriteriaId: "509AD120-3465-4C00-AAB3-B6F6ED708B51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc647c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05466B50-76ED-41E7-87DC-96CA95AAC6A2", versionEndExcluding: "15.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc647c:-:*:*:*:*:*:*:*", matchCriteriaId: "E752006C-6D94-4B14-B3A5-C9BB94141BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C046182-BB33-41D0-B041-1566B8041917", versionEndExcluding: "19.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*", matchCriteriaId: "D0EF28FB-BAB3-4710-9D25-25F67ACADC60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8DE74300-E061-452E-AD1D-6DD7C2C62729", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*", matchCriteriaId: "057D9947-CE4A-4B4C-B721-4B29FB71350C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc677c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F232B7B4-D633-47ED-B435-6EB6530019F4", versionEndExcluding: "15.02.15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc677c:-:*:*:*:*:*:*:*", matchCriteriaId: "E74F55B7-DE3D-4D74-A7E7-9BCB8F7B114A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc827c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9C0D4DB3-FBA2-4868-8A38-5D81E622C709", versionEndExcluding: "15.02.15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc827c:-:*:*:*:*:*:*:*", matchCriteriaId: "1FFD2D72-5464-4B86-BACB-61F55A081C3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE4A7C13-6F81-4629-9C28-9202028634AE", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*", matchCriteriaId: "E6D87239-40C1-4038-B734-D77AC4DDD571", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc847c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8014E0E5-F880-4886-8294-7EC971D5BBF9", versionEndExcluding: "15.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc847c:-:*:*:*:*:*:*:*", matchCriteriaId: "687E1212-EC5A-47BA-ACAB-74F6C98B7C34", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93485235-481B-4BAF-BB7A-81BB5AA1BC53", versionEndExcluding: "19.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*", matchCriteriaId: "D8F37D88-E086-4060-8420-BD0F8D8FF580", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD949046-46E5-48C9-883B-92F04926E8BC", versionEndExcluding: "23.01.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*", matchCriteriaId: "187C6D51-5B86-484D-AE0F-26D1C9465580", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F81F41D-480F-4443-927E-00607DD40BF5", versionEndExcluding: "2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*", matchCriteriaId: "30DDEA9B-E1BF-4572-8E12-D13C54603E77", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simotion_p320-4e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8102F17-F6DA-4EE9-B533-EA806D9E7F7E", versionEndExcluding: "17.0x.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simotion_p320-4e:-:*:*:*:*:*:*:*", matchCriteriaId: "9EE09494-625A-4FF7-8B3E-6510FF9AFC9C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinumerik_840_d_sl_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DE8095A5-3677-4024-9437-C46DA382C280", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinumerik_840_d_sl:-:*:*:*:*:*:*:*", matchCriteriaId: "9565FE15-A705-4D0A-BFA3-30871FDCF9DB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinumerik_pcu_50.5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E16526D-CCA8-45B2-829E-4562A7440356", versionEndExcluding: "15.02.15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinumerik_pcu_50.5:-:*:*:*:*:*:*:*", matchCriteriaId: "9220E9B5-5A0E-4F90-9A2C-B4692E937DBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinumerik_tcu_30.3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CE42ABA9-E5D8-4589-B111-AE191747E03D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinumerik_tcu_30.3:-:*:*:*:*:*:*:*", matchCriteriaId: "2E53E94C-0F57-4A71-B919-C34984A5ADB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinema_remote_connect_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2051E518-7CCD-4B49-9705-BDDC37177BE0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*", matchCriteriaId: "AF739F2D-744A-44CE-8DA7-F89A14239943", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mitel:micloud_management_portal:*:*:*:*:*:*:*:*", matchCriteriaId: "417953F8-F722-4CD0-BC59-1192A4533505", vulnerable: true, }, { criteria: "cpe:2.3:a:mitel:micollab:-:*:*:*:*:*:*:*", matchCriteriaId: "61E87F32-4157-42A3-A758-36AA2A4D7AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:mitel:mivoic_mx-one:-:*:*:*:*:*:*:*", matchCriteriaId: "4CEABF0C-99D9-415D-B8CB-B632C644664E", vulnerable: true, }, { criteria: "cpe:2.3:a:mitel:mivoice_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "150C225A-C4A0-4CC7-91AA-8F341D8152F1", vulnerable: true, }, { criteria: "cpe:2.3:a:mitel:mivoice_border_gateway:-:*:*:*:*:*:*:*", matchCriteriaId: "762B1578-25AD-4ACC-A1AE-C325155F49F1", vulnerable: true, }, { criteria: "cpe:2.3:a:mitel:mivoice_business:-:*:*:*:*:*:*:*", matchCriteriaId: "E561C59C-9E46-4FE1-8DA7-5E524FB9D87E", vulnerable: true, }, { criteria: "cpe:2.3:a:mitel:mivoice_connect:-:*:*:*:*:*:*:*", matchCriteriaId: "B1077221-796B-44E7-A278-579F41BA5DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:mitel:open_integration_gateway:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6F3481-E5DF-452A-AE3C-1ED648B54234", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sonicwall:cloud_global_management_system:-:*:*:*:*:*:*:*", matchCriteriaId: "1BD39AA6-8D0B-405C-8A69-9264C82BCDAC", vulnerable: true, }, { criteria: "cpe:2.3:a:sonicwall:email_security:-:*:*:*:*:*:*:*", matchCriteriaId: "2CD00A81-9A08-4C24-B720-BC7C99DCF19B", vulnerable: true, }, { criteria: "cpe:2.3:a:sonicwall:global_management_system:-:*:*:*:*:*:*:*", matchCriteriaId: "2008DF4A-1AC8-4CC0-8649-823B3B6BD329", vulnerable: true, }, { criteria: "cpe:2.3:a:sonicwall:secure_mobile_access:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD3D92A-D07F-4087-81AF-0FA78E290DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:sonicwall:web_application_firewall:-:*:*:*:*:*:*:*", matchCriteriaId: "0220EB54-D74B-451C-8FA6-D71BF39B578F", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicosv:-:*:*:*:*:*:*:*", matchCriteriaId: "1ED1C215-1656-4113-B571-9479FDEB9ACF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*", matchCriteriaId: "6CB56955-1A47-4F6C-A354-8BBAE7534504", versionEndExcluding: "7.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:jetson_tx1:*:*:*:*:*:*:*:*", matchCriteriaId: "D05993AD-FABF-49A6-B3F5-6DF1B0835321", versionEndExcluding: "r28.3", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:jetson_tx2:*:*:*:*:*:*:*:*", matchCriteriaId: "1455BBEB-871A-41FE-A4BD-6DC583777252", versionEndExcluding: "r28.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:microsoft:surface:-:*:*:*:*:*:*:*", matchCriteriaId: "BC248D3F-1D6D-48FC-94BA-3C24A182D172", vulnerable: true, }, { criteria: "cpe:2.3:h:microsoft:surface_book:-:*:*:*:*:*:*:*", matchCriteriaId: "987ECFC7-D504-488D-B977-FEC182819567", vulnerable: true, }, { criteria: "cpe:2.3:h:microsoft:surface_book:2:*:*:*:*:*:*:*", matchCriteriaId: "F75F0910-3EED-4365-B03E-B3295A762656", vulnerable: true, }, { criteria: "cpe:2.3:h:microsoft:surface_pro:3:*:*:*:*:*:*:*", matchCriteriaId: "12C0B9FE-09FD-4991-BE14-499FFC728EDD", vulnerable: true, }, { criteria: "cpe:2.3:h:microsoft:surface_pro:4:*:*:*:*:*:*:*", matchCriteriaId: "7585B88F-58FA-4DF2-AA99-185731253A05", vulnerable: true, }, { criteria: "cpe:2.3:h:microsoft:surface_pro:1796:*:*:*:*:*:*:*", matchCriteriaId: "AFD7F77C-F02B-4EAF-8836-C97ACB5AFEA8", vulnerable: true, }, { criteria: "cpe:2.3:h:microsoft:surface_pro_with_lte_advanced:1807:*:*:*:*:*:*:*", matchCriteriaId: "A98AB09C-24D8-4B58-9F4A-EF6B42EB27C8", vulnerable: true, }, { criteria: "cpe:2.3:h:microsoft:surface_studio:-:*:*:*:*:*:*:*", matchCriteriaId: "6FF4194A-8194-4727-8C10-4F44D5041011", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", matchCriteriaId: "21540673-614A-4D40-8BD7-3F07723803B0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", matchCriteriaId: "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", matchCriteriaId: "AEE2E768-0F45-46E1-B6D7-087917109D98", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", matchCriteriaId: "83B14968-3985-43C3-ACE5-8307196EFAE3", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", matchCriteriaId: "7CB85C75-4D35-480E-843D-60579EC75FCB", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", matchCriteriaId: "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", matchCriteriaId: "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", matchCriteriaId: "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", matchCriteriaId: "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:*:*", matchCriteriaId: "66CAFDB7-9D41-4E67-AB83-5EB104551FF5", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", matchCriteriaId: "DB18C4CE-5917-401E-ACF7-2747084FD36E", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", matchCriteriaId: "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", matchCriteriaId: "CAACE735-003E-4ACB-A82E-C0CF97D7F013", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.", }, { lang: "es", value: "Los sistemas con microprocesadores que emplean la ejecución especulativa y que realizan la ejecución especulativa de lecturas de memoria antes de que se conozcan las direcciones de todas las anteriores escrituras de memoria podrían permitir la divulgación no autorizada de información a un atacante con acceso de usuario local mediante un análisis de canal lateral. Esto también se conoce como Speculative Store Bypass (SSB), Variant 4.", }, ], id: "CVE-2018-3639", lastModified: "2024-11-21T04:05:48.867", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-05-22T12:29:00.250", references: [ { source: "secure@intel.com", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html", }, { source: "secure@intel.com", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html", }, { source: "secure@intel.com", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://support.lenovo.com/us/en/solutions/LEN-22133", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/1", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/2", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/5", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104232", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040949", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1042004", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://xenbits.xen.org/xsa/advisory-263.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1629", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1630", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1632", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1633", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1635", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1636", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1637", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1638", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1639", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1640", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1641", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1642", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1643", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1644", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1645", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1646", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1647", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1648", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1649", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1650", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1651", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1652", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1653", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1654", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1655", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1656", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1657", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1658", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1659", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1660", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1661", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1662", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1663", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1664", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1665", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1666", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1667", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1668", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1669", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1674", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1675", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1676", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1686", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1688", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1689", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1690", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1696", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1710", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1711", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1737", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1738", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1826", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1854", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1965", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1967", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1997", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2001", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2003", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2006", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2060", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2161", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2162", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2164", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2171", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2172", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2216", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2228", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2246", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2250", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2258", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2289", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2309", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2328", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2363", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2364", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2387", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2394", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2396", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3396", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3397", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3398", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3399", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3400", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3401", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3402", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3407", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3423", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3424", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3425", }, { source: "secure@intel.com", tags: [ "Broken Link", ], url: "https://access.redhat.com/errata/RHSA-2019:0148", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1046", }, { source: "secure@intel.com", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004", }, { source: "secure@intel.com", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/36", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180521-0001/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX235225", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3651-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3652-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3653-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3653-2/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3654-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3654-2/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3655-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3655-2/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3679-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3680-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3756-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-3/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4210", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4273", }, { source: "secure@intel.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/44695/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/180049", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/support/security/Synology_SA_18_23", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ncas/alerts/TA18-141A", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.lenovo.com/us/en/solutions/LEN-22133", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104232", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040949", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1042004", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://xenbits.xen.org/xsa/advisory-263.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1629", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1630", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1632", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1633", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1635", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1636", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1637", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1638", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1639", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1641", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1642", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1643", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1644", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1645", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1646", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1647", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1648", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1649", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1650", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1651", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1653", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1654", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1655", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1656", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1657", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1658", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1659", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1660", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1661", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1662", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1663", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1664", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1665", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1666", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1667", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1668", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1669", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1674", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1675", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1686", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1688", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1689", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1690", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1696", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1710", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1737", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1738", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1826", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1854", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1965", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1997", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2003", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2060", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2161", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2162", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2171", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2250", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2258", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2289", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2363", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2364", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2387", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2394", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3398", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3400", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3402", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3423", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3424", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3425", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://access.redhat.com/errata/RHSA-2019:0148", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1046", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/36", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180521-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX235225", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3651-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3652-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3653-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3653-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3654-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3654-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3655-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3655-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3679-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3680-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3756-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4210", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4273", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/44695/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/180049", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/support/security/Synology_SA_18_23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ncas/alerts/TA18-141A", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-203", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-04-20 00:29
Modified
2024-11-21 04:20
Severity ?
Summary
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*", matchCriteriaId: "D2D193C7-2259-492F-8B85-E74C57A7426A", versionEndExcluding: "3.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "FC5AB839-4DAC-45E7-9D0B-B528F6D12043", versionEndExcluding: "7.66", versionStartIncluding: "7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "9106BF81-B898-4EB0-B63C-9919D3B22260", versionEndExcluding: "8.5.15", versionStartIncluding: "8.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "9B37281E-9B44-42A5-AE0A-17CE6770995C", versionEndExcluding: "8.6.15", versionStartIncluding: "8.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*", matchCriteriaId: "E75C32CE-3FA9-4DC2-A22A-4A841D4911EB", versionEndExcluding: "1.11.9", versionStartIncluding: "1.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*", matchCriteriaId: "F6F204D6-2C8A-4517-8E3C-328ED0D9D3E4", versionEndExcluding: "1.12.6", versionStartIncluding: "1.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", matchCriteriaId: "40513095-7E6E-46B3-B604-C926F1BA3568", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B9273745-6408-4CD3-94E8-9385D4F5FE69", versionEndIncluding: "3.1.3", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*", matchCriteriaId: "04AC556D-D511-4C4C-B9FB-A089BB2FEFD5", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:*", matchCriteriaId: "230E2167-9107-4994-8328-295575E17DF6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A079FD6E-3BB0-4997-9A8E-6F8FEC89887A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "900D2344-5160-42A0-8C49-36DBC7FF3D87", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*", matchCriteriaId: "A4AA4B21-1BA9-4ED8-B9EA-558AF8655D24", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "9C3F9EE5-FCFC-45B8-9F57-C05D42EE0FF0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", matchCriteriaId: "90CFEC52-A574-493E-A2AC-0EC21851BBFA", versionEndExcluding: "19.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3665B8A2-1F1A-490F-B01D-5B3455A6A539", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A8577D60-A711-493D-9246-E49D0E2B07E0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*", matchCriteriaId: "17EA8B91-7634-4636-B647-1049BA7CA088", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5B4DF46F-DBCC-41F2-A260-F83A14838F23", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:*", matchCriteriaId: "5E5BC0B6-0C66-4FC5-81F0-6AC9BEC0813E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "10F17843-32EA-4C31-B65C-F424447BEF7B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:*", matchCriteriaId: "C784CEE8-F071-4583-A72D-F46C7C95FEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A125E817-F974-4509-872C-B71933F42AD1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*", matchCriteriaId: "BBE7BF09-B89C-4590-821E-6C0587E096B5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*", matchCriteriaId: "ADAE8A71-0BCD-42D5-B38C-9B2A27CC1E6B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*", matchCriteriaId: "E7231D2D-4092-44F3-B60A-D7C9ED78AFDF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*", matchCriteriaId: "F7BDFC10-45A0-46D8-AB92-4A5E2C1C76ED", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*", matchCriteriaId: "18127694-109C-4E7E-AE79-0BA351849291", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*", matchCriteriaId: "33F68878-BC19-4DB8-8A72-BD9FE3D0ACEC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:*", matchCriteriaId: "660DB443-6250-4956-ABD1-C6A522B8DCCA", versionEndIncluding: "2.8.0", versionStartIncluding: "2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "3625D477-1338-46CB-90B1-7291D617DC39", versionEndIncluding: "2.10.0", versionStartIncluding: "2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5CD806C1-CC17-47BD-8BB0-9430C4253BC7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "9DC56004-4497-4CDD-AE76-5E3DFAE170F0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "274A0CF5-41E8-42E0-9931-F7372A65B9C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*", matchCriteriaId: "8C4C38FF-B75B-4DF1-BFB3-C91BDD10D90E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E869C417-C0E6-4FC3-B406-45598A1D1906", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "55D98C27-734F-490B-92D5-251805C841B9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*", matchCriteriaId: "B796AC70-A220-48D8-B8CD-97CF57227962", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*", matchCriteriaId: "E6039DC7-08F2-4DD9-B5B5-B6B22DD2409F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*", matchCriteriaId: "790A89FD-6B86-49AE-9B4F-AE7262915E13", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*", matchCriteriaId: "7231AF76-3D46-41C4-83E9-6E9E12940BD9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E39D442D-1997-49AF-8B02-5640BE2A26CC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A9317C01-22AA-452B-BBBF-5FAFFFB8BEA4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4534CF9-D9FD-4936-9D8C-077387028A05", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*", matchCriteriaId: "D60384BD-284C-4A68-9EEF-0FAFDF0C21F3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*", matchCriteriaId: "FCA44E38-EB8C-4E2D-8611-B201F47520E9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*", matchCriteriaId: "1A0E3537-CB5A-40BF-B42C-CED9211B8892", versionEndIncluding: "16.4.0", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "0C57FD3A-0CC1-4BA9-879A-8C4A40234162", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", matchCriteriaId: "698FB6D0-B26F-4760-9B9B-1C65FBFF2126", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", matchCriteriaId: "4F1D64BC-17BF-4DAE-B5FC-BC41F9C12DFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*", matchCriteriaId: "4E16A16E-BFA3-4D17-9B4E-B42ADE725356", versionEndIncluding: "6.4", versionStartIncluding: "6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "9264AF8A-3819-40E5-BBCB-3B6C95A0D828", versionEndIncluding: "4.3", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", matchCriteriaId: "D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", matchCriteriaId: "E3517A27-E6EE-497C-9996-F78171BBE90F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1C3CE8D5-6404-4CEB-953E-7B7961BC14D6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", matchCriteriaId: "062E4E7C-55BB-46F3-8B61-5A663B565891", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "DB43DFD4-D058-4001-BD19-488E059F4532", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", matchCriteriaId: "086E2E5C-44EB-4C07-B298-C04189533996", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", matchCriteriaId: "AA77B994-3872-4059-854B-0974AA5593D4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5682DAEB-3810-4541-833A-568C868BCE0B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", matchCriteriaId: "01BC9AED-F81D-4344-AD97-EEF19B6EA8C7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8198E762-9AD9-452B-B1AF-516E52436B7D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:*", matchCriteriaId: "D0D177F6-25D9-4696-8528-3F57D91BAC12", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "539DA24F-E3E0-4455-84C6-A9D96CD601B3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*", matchCriteriaId: "726DB59B-00C7-444E-83F7-CB31032482AB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:*", matchCriteriaId: "80B6D265-9D72-45C3-AA2C-5B186E23CDAF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", matchCriteriaId: "AB654DFA-FEF9-4D00-ADB0-F3F2B6ACF13E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", matchCriteriaId: "37209C6F-EF99-4D21-9608-B3A06D283D24", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*", matchCriteriaId: "7015A8CB-8FA6-423E-8307-BD903244F517", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "B5BC32AA-78BE-468B-B92A-5A0FFFA970FA", versionEndIncluding: "7.3.5", versionStartIncluding: "7.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "FA699B16-5100-4485-9BB7-85B247743B17", versionEndIncluding: "8.1.0", versionStartIncluding: "8.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*", matchCriteriaId: "A7E00BA1-E643-45D9-97D3-EF12C29DB262", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "2ACA29E6-F393-46E5-B2B3-9158077819A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:*", matchCriteriaId: "703DA91D-3440-4C67-AA20-78F71B1376DD", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "39B8DFFF-B037-4F29-8C8E-F4BBC3435199", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "4D0D0EAC-300D-44B1-AD4A-93A368D5DBA1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*", matchCriteriaId: "9CB2A0EB-E1C7-4206-8E64-D2EE77C1CD86", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "8A566893-8DCF-49E4-93D0-0ACCEFD70D3D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*", matchCriteriaId: "A180039F-22C3-458E-967D-E07C61C69FAF", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "00E5D719-249D-48B8-BAFC-1E14D250B3F6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "2C5F6B8C-2044-4E68-98BD-37B0CD108434", versionEndIncluding: "8.0.8", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "672949B4-1989-4AA7-806F-EEC07D07F317", versionEndIncluding: "8.0.9", versionStartIncluding: "8.0.6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:*", matchCriteriaId: "73E05211-8415-42FB-9B93-959EB03B090B", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9476D1DA-C8A8-40A0-94DD-9B46C05FD461", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "7DEE0A37-6B9A-43FE-B3E0-8AB5CA368425", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CF6A5433-A7D9-4521-9D28-E7684FB76E5B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*", matchCriteriaId: "AC15899F-8528-4D10-8CD5-F67121D7F293", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "F727AAC6-6D9F-4B28-B07C-6A93916C43A3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*", matchCriteriaId: "30657F1B-D1FC-4EE6-9854-18993294A01D", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "51C17460-D326-4525-A7D1-0AED53E75E18", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "30F0991A-8507-48C4-9A8E-DE5B28C46A99", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "A00142E6-EEB3-44BD-AB0D-0E5C5640557F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:*", matchCriteriaId: "00ED7CB0-96F7-4089-9047-A3AC241139C2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:*", matchCriteriaId: "005E458D-4059-4E20-A620-B25DEBCE40C2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "74008AEE-589F-423E-8D77-EA54C36D776A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FD85DB06-692F-4E81-BEB7-1E41B438D1FD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "6149C89E-0111-4CF9-90CA-0662D2F75E04", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "6CDDF6CA-6441-4606-9D2F-22A67BA46978", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "6FA0B592-A216-4320-A4FE-ABCA6B3E7D7A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "CEA4D6CF-D54A-40DF-9B70-E13392D0BE19", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*", matchCriteriaId: "DB6C521C-F104-4E26-82F2-6F63F94108BC", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "397B1A24-7C95-4A73-8363-4529A7F6CFCC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*", matchCriteriaId: "402B8642-7ACC-4F42-87A9-AB4D3B581751", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "EF6D5112-4055-4F89-A5B3-0DCB109481B7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "D262848E-AA24-4057-A747-6221BA22ADF4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:*", matchCriteriaId: "2163B848-D684-4B17-969A-36E0866C5749", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*", matchCriteriaId: "00615085-65B2-4211-A766-551842B3356F", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "F8E565DA-91BE-44FC-A28F-579BE8D2281A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*", matchCriteriaId: "51DB64CA-8953-43BB-AEA9-D0D7E91E9FE3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "669BA301-4D29-4692-823B-CDEDD2A5BD18", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "419559E6-5441-4335-8FE1-6ADAAD9355DE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*", matchCriteriaId: "036E4450-53C6-4322-9C7D-91DA94C9A3C9", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "89C26226-A3CF-4D36-BBDA-80E298E0A51F", versionEndIncluding: "8.0.6", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "F67D1332-621E-4756-B205-97A5CF670A19", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "6748C867-0A52-452B-B4D6-DA80396F4152", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A64B5C4C-DF69-4292-A534-EDC5955CDDAE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C7141C66-0384-4BA1-A788-91DEB7EF1361", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "06E586B3-3434-4B08-8BE3-16C528642CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*", matchCriteriaId: "26A1F27B-C3AC-4D13-B9B2-2D6CF65D07BC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B95E8056-51D8-4390-ADE3-661B7AE1D7CE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "4EFC8DAB-E5D8-420C-B800-08F8C5BF3F4F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*", matchCriteriaId: "9059A907-508B-4844-8D7B-0FA68C0DF6A6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*", matchCriteriaId: "A5ACB1D2-69CE-4B7D-9B51-D8F80E541631", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "B1F726C6-EA5A-40FF-8809-4F48E4AE6976", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "CD7C26E3-BB0D-4218-8176-319AEA2925C8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*", matchCriteriaId: "DD67072F-3CFC-480D-9360-81A05D523318", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*", matchCriteriaId: "652E762A-BCDD-451E-9DE3-F1555C1E4B16", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", matchCriteriaId: "1A3DC116-2844-47A1-BEC2-D0675DD97148", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*", matchCriteriaId: "2AC63D10-2326-4542-B345-31D45B9A7408", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFD7783-BE15-421C-A550-7FE15AB53ABF", versionEndIncluding: "19.1.2", versionStartIncluding: "19.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*", matchCriteriaId: "1F7BF047-03C5-4A60-B718-E222B16DBF41", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*", matchCriteriaId: "E3A73D81-3E1A-42E6-AB96-835CDD5905F2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "AA10CA55-C155-4DAD-A109-87A80116F1A1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*", matchCriteriaId: "66136D6D-FC52-40DB-B7B6-BA8B7758CE16", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "06514F46-544B-4404-B45C-C9584EBC3131", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "3BD4BF9A-BF38-460D-974D-5B3255AAF946", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "92D538A5-819D-4DF7-85FE-4D4EB6E230E0", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "AEDA3A88-002B-4700-9277-3187C0A3E4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "BE886BC5-F807-4627-8233-2290817FE205", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*", matchCriteriaId: "B47C73D0-BE89-4D87-8765-12C507F13AFF", versionEndIncluding: "5.6.0.0", versionStartIncluding: "5.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*", matchCriteriaId: "5B8AA91A-1880-43CD-938D-48EF58ACF2CF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "E6B5D7DB-C70E-4926-819F-E39B79F4D0C5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*", matchCriteriaId: "41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "A7506589-9B3B-49BA-B826-774BFDCC45B8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "228DA523-4D6D-48C5-BDB0-DB1A60F23F8B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "335AB6A7-3B1F-4FA8-AF08-7D64C16C4B04", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "37EB4A1D-A875-46B7-BEB0-694D1F400CF7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2233F287-6B9F-4C8A-A724-959DD3AD29AF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "2381FAB6-8D36-4389-98E4-74F3462654BA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:*", matchCriteriaId: "9E587602-BA7D-4087-BE29-ACE0B01BD590", versionEndIncluding: "8.6.3", versionStartIncluding: "8.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*", matchCriteriaId: "45CB30A1-B2C9-4BF5-B510-1F2F18B60C64", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", matchCriteriaId: "D0A735B4-4F3C-416B-8C08-9CB21BAD2889", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "84668F58-6511-4E53-8213-13B440F454C1", versionEndIncluding: "12.2.15", versionStartIncluding: "12.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*", matchCriteriaId: "9D8B3B57-73D6-4402-987F-8AE723D52F94", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "62BF043E-BCB9-433D-BA09-7357853EE127", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "3F26FB80-F541-4B59-AC3C-633F49388B59", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*", matchCriteriaId: "0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*", matchCriteriaId: "12D3B2F0-E9C7-432B-91C6-A6C329A84B78", versionEndIncluding: "12.2.15", versionStartIncluding: "12.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "06CF27F6-ADC1-480C-9D2E-2BD1E7330C32", versionEndIncluding: "16.2.11", versionStartIncluding: "16.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "E4AA3854-C9FD-4287-85A0-EE7907D1E1ED", versionEndIncluding: "17.12.7", versionStartIncluding: "17.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "E8CD4002-F310-4BE4-AF7B-4BCCB17DA6FF", versionEndIncluding: "18.8.9", versionStartIncluding: "18.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "69112C56-7747-4E11-A938-85A481529F58", versionEndIncluding: "19.12.4", versionStartIncluding: "19.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:*", matchCriteriaId: "D9E628E7-6CC5-418C-939F-8EEA69B222A0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", matchCriteriaId: "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", versionEndIncluding: "17.12", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*", matchCriteriaId: "D55A54FD-7DD1-49CD-BE81-0BE73990943C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*", matchCriteriaId: "82EB08C0-2D46-4635-88DF-E54F6452D3A3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", matchCriteriaId: "202AD518-2E9B-4062-B063-9858AE1F9CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:*", matchCriteriaId: "99579D88-27C0-4B93-B2F4-69B6781BC4BD", versionEndIncluding: "2.3.0.3", versionStartIncluding: "2.3.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*", matchCriteriaId: "36FC547E-861A-418C-A314-DA09A457B13A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*", matchCriteriaId: "DF9FEE51-50E3-41E9-AA0D-272A640F85CC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*", matchCriteriaId: "E69E905F-2E1A-4462-9082-FF7B10474496", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*", matchCriteriaId: "0F9B692C-8986-4F91-9EF4-2BB1E3B5C133", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*", matchCriteriaId: "C5F4C40E-3ABC-4C59-B226-224262DCFF37", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*", matchCriteriaId: "31C7EEA3-AA72-48DA-A112-2923DBB37773", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*", matchCriteriaId: "F0735989-13BD-40B3-B954-AC0529C5B53D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*", matchCriteriaId: "83B5F416-56AE-4DC5-BCFF-49702463E716", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*", matchCriteriaId: "58405263-E84C-4071-BB23-165D49034A00", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*", matchCriteriaId: "AD4AB77A-E829-4603-AF6A-97B9CD0D687F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*", matchCriteriaId: "6DE15D64-6F49-4F43-8079-0C7827384C86", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*", matchCriteriaId: "36E16AEF-ACEB-413C-888C-8D250F65C180", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", matchCriteriaId: "9EFAEA84-E376-40A2-8C9F-3E0676FEC527", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*", matchCriteriaId: "237968A4-AE89-44DC-8BA3-D9651F88883D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*", matchCriteriaId: "E13DF2AE-F315-4085-9172-6C8B21AF1C9E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*", matchCriteriaId: "959316A8-C3AF-4126-A242-3835ED0AD1E8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*", matchCriteriaId: "BDB925C6-2CBC-4D88-B9EA-F246F4F7A206", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "1E2B6C75-3EB5-4BCE-B5D1-39DD3DE94139", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "70BEF219-45EC-4A53-A815-42FBE20FC300", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "1EA2023A-1AD6-41FE-A214-9D1F6021D6B6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:*", matchCriteriaId: "2AA4E307-D5FA-461D-9809-BDD123AE7B74", versionEndIncluding: "19.8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*", matchCriteriaId: "98B9198C-11DF-4E80-ACFC-DC719CED8C7E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "587EE4F3-E7AC-4A69-9476-0E71E75EE7A4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:*", matchCriteriaId: "A7961BBD-6411-4D32-947D-3940221C235B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:*", matchCriteriaId: "162C6FD9-AEC2-4EBA-A163-3054840B8ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:*", matchCriteriaId: "A6879D52-A44E-4DF8-8A3A-3613822EB469", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "5AAF89C1-AAC2-449C-90C1-895F5F8843B4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:*", matchCriteriaId: "2F2D3FA0-BD9D-4828-AE36-1CE43D9B07D1", versionEndIncluding: "2.3.0.3", versionStartIncluding: "2.3.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "D551CAB1-4312-44AA-BDA8-A030817E153A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B40B13B7-68B3-4510-968C-6A730EB46462", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C93CC705-1F8C-4870-99E6-14BF264C3811", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "F14A818F-AA16-4438-A3E4-E64C9287AC66", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "04BCDC24-4A21-473C-8733-0D9CFB38A752", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*", matchCriteriaId: "C63557DE-E65B-46F4-99C4-247EACCB7BBA", versionEndIncluding: "3.9.4", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.", }, { lang: "es", value: "jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propiedad enumerable __proto__, podría extender el Object.prototype nativo.", }, ], id: "CVE-2019-11358", lastModified: "2024-11-21T04:20:56.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-04-20T00:29:00.247", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/06/03/2", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108023", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:1570", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2587", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://backdropcms.org/security/backdrop-sa-core-2019-009", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery/pull/4333", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/32", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/12", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190919-0001/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4434", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4460", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2019-006", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_19", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2019-08", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2020-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/06/03/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:1570", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2587", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://backdropcms.org/security/backdrop-sa-core-2019-009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery/pull/4333", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/32", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190919-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4434", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4460", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2019-006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2019-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2020-02", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1321", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-09 22:29
Modified
2024-11-21 03:55
Severity ?
Summary
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| qemu | qemu | 3.1.0 | |
| qemu | qemu | 3.1.0 | |
| qemu | qemu | 3.1.0 | |
| qemu | qemu | 3.1.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| redhat | openstack | 10 | |
| redhat | openstack | 13 | |
| redhat | openstack | 14 | |
| redhat | virtualization | 4.0 | |
| redhat | virtualization_manager | 4.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", matchCriteriaId: "16AFB9CD-95CF-4552-A8C1-1B4F496925B6", versionEndIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:3.1.0:rc0:*:*:*:*:*:*", matchCriteriaId: "C726BD36-EA1B-4260-ABCD-29587B584058", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:3.1.0:rc1:*:*:*:*:*:*", matchCriteriaId: "58E67452-3056-42CF-A6A0-EFB854366642", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:3.1.0:rc2:*:*:*:*:*:*", matchCriteriaId: "683347B2-2CEA-4CDD-AAB8-B91B185075EA", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:3.1.0:rc3:*:*:*:*:*:*", matchCriteriaId: "D894F303-34A4-445B-B63E-EFABD6ABF7D7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*", matchCriteriaId: "EB7F358B-5E56-41AB-BB8A-23D3CB7A248B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.", }, { lang: "es", value: "qemu_deliver_packet_iov en net/net.c en Qemu acepta tamaños de paquetes mayores a INT_MAX, lo que permite que los atacantes provoquen una denegación de servicio (DoS) o tengan otro tipo de impacto sin especificar.", }, ], id: "CVE-2018-17963", lastModified: "2024-11-21T03:55:17.510", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-09T22:29:01.157", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2166", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2553", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3826-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4338", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2553", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3826-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4338", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-07-11 19:15
Modified
2024-11-21 04:18
Severity ?
Summary
Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/109140 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2019:2499 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/109140 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2499 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ovirt | ovirt | * | |
| redhat | virtualization_manager | 4.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ovirt:ovirt:*:*:*:*:*:*:*:*", matchCriteriaId: "A1790798-FF13-427A-B10C-60359C6435D3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.", }, { lang: "es", value: "Contraseñas confidenciales utilizadas en la implementación y configuración de oVirt Metrics, todas las versiones. Se detectó que no estaban suficientemente protegidas. Las contraseñas se pueden revelar en archivos de registro (si los playbooks se ejecutan con -v) o en los playbooks almacenados en los hosts de Metrics or Bastion.", }, ], id: "CVE-2019-10194", lastModified: "2024-11-21T04:18:37.697", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.5, impactScore: 4, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-11T19:15:12.783", references: [ { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/109140", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2499", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/109140", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2499", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-04-24 18:29
Modified
2024-11-21 03:59
Severity ?
Summary
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 17.10 | |
| canonical | ubuntu_linux | 18.04 | |
| redhat | ceph_storage | 3.0 | |
| redhat | enterprise_linux_fast_datapath | 7.0 | |
| redhat | openshift | 3.0 | |
| redhat | openstack | 8 | |
| redhat | openstack | 9 | |
| redhat | openstack | 10 | |
| redhat | openstack | 11 | |
| redhat | openstack | 12 | |
| redhat | virtualization | 4.0 | |
| redhat | virtualization | 4.1 | |
| redhat | virtualization_manager | 4.1 | |
| redhat | enterprise_linux | 7.0 | |
| dpdk | data_plane_development_kit | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", matchCriteriaId: "9070C9D8-A14A-467F-8253-33B966C16886", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "516F4E8E-ED2F-4282-9DAB-D8B378F61258", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:enterprise_linux_fast_datapath:7.0:*:*:*:*:*:*:*", matchCriteriaId: "559A4609-EC7E-40CD-9165-5DA68CBCEE9B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "45690263-84D9-45A1-8C30-3ED2F0F11F47", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*", matchCriteriaId: "E8B8C725-34CF-4340-BE7B-37E58CF706D6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", matchCriteriaId: "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*", matchCriteriaId: "4E9AF77C-5D49-4842-9817-AD710A919073", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*", matchCriteriaId: "4D4AC996-B340-4A14-86F7-FF83B4D5EC8F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*", matchCriteriaId: "03EB0F63-DB24-4240-BC44-C92BAE7EAF42", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "AF786B57-02C3-48B7-B902-318356B3A3B6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*", matchCriteriaId: "723DDE45-6CD8-4486-B742-FCFA0EA88873", versionEndExcluding: "18.02.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.", }, { lang: "es", value: "La interfaz vhost de usuario de DPDK no verifica que el rango físico invitado solicitado esté mapeado y sea contiguo al realizar traducciones de direcciones físicas de invitado a direcciones virtuales del host. Esto podría conducir a que un invitado malicioso exponga la memoria del proceso del backend del usuario vhost. Todas las versiones anteriores a la 18.02.1 son vulnerables.", }, ], id: "CVE-2018-1059", lastModified: "2024-11-21T03:59:05.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-24T18:29:00.233", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1267", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2018:2038", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2018:2102", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2018:2524", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2018-1059", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1544298", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3642-1/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3642-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1267", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:2038", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:2102", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:2524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2018-1059", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1544298", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3642-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3642-2/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-03 19:15
Modified
2024-11-21 06:22
Severity ?
Summary
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible_automation_platform_early_access | 2.0 | |
| redhat | ansible_engine | * | |
| redhat | openstack | 1 | |
| redhat | openstack | 16.1 | |
| redhat | virtualization | 4.0 | |
| redhat | virtualization_for_ibm_power_little_endian | 4.0 | |
| redhat | virtualization_host | 4.0 | |
| redhat | virtualization_manager | 4.4 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux_for_power_little_endian | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_automation_platform_early_access:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E3871C74-20C4-4212-AEF1-D792637A92B8", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "19A338B7-0C96-497E-AF9C-EA78F143CCBE", versionEndExcluding: "2.9.27", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:1:*:*:*:*:*:*:*", matchCriteriaId: "4B7FF772-FC99-435A-8D6F-6999656B9593", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*", matchCriteriaId: "C9D3F4FF-AD3D-4D17-93E8-84CAFCED2F59", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_for_ibm_power_little_endian:4.0:*:*:*:*:*:*:*", matchCriteriaId: "FDE26BBE-BD17-43B4-9C3F-B009F5AD0396", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BB28F9AF-3D06-4532-B397-96D7E4792503", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.4:*:*:*:*:*:*:*", matchCriteriaId: "E0E1B0D8-7067-4FE7-A309-917AE4D59E7E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*", matchCriteriaId: "47811209-5CE5-4375-8391-B0A7F6A0E420", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.", }, { lang: "es", value: "Se ha encontrado un fallo en el módulo ansible-connection de Ansible Engine, en el que información confidencial, como las credenciales de usuario de Ansible, es revelado por defecto en el mensaje de error de rastreo. La mayor amenaza de esta vulnerabilidad es la confidencialidad", }, ], id: "CVE-2021-3620", lastModified: "2024-11-21T06:22:00.013", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-03T19:15:08.237", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975767", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-209", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-209", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-19 13:29
Modified
2024-11-21 03:31
Severity ?
Summary
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | openshift_container_platform | 3.3 | |
| redhat | openshift_container_platform | 3.4 | |
| redhat | openshift_container_platform | 3.5 | |
| redhat | openstack | 10 | |
| redhat | openstack | 11 | |
| redhat | storage_console | 2.0 | |
| redhat | virtualization | 4.1 | |
| redhat | virtualization_manager | 4.1 | |
| redhat | gluster_storage | 3.2 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | ansible_engine | * | |
| redhat | ansible_engine | * | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.3:*:*:*:*:*:*:*", matchCriteriaId: "EA3ADA26-2B9E-4ABA-A224-910BD75CCE00", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.4:*:*:*:*:*:*:*", matchCriteriaId: "67E80045-56E4-4A83-8168-CFED5E55CE45", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.5:*:*:*:*:*:*:*", matchCriteriaId: "E792B5DC-CCD2-4A50-B72F-860A3BFAF165", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*", matchCriteriaId: "4E9AF77C-5D49-4842-9817-AD710A919073", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:storage_console:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E916298F-E4F3-49FB-92DA-C92013188C44", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*", matchCriteriaId: "03EB0F63-DB24-4240-BC44-C92BAE7EAF42", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "AF786B57-02C3-48B7-B902-318356B3A3B6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:gluster_storage:3.2:*:*:*:*:*:*:*", matchCriteriaId: "518056FB-E049-45AF-876A-C1682118E29D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "5F675D17-E806-4C38-8A36-49032C25ECAF", versionEndExcluding: "2.3.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "3885EAB7-4ED7-493B-8124-A4434312C75B", versionEndExcluding: "2.4.0.0", versionStartIncluding: "2.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", }, { lang: "es", value: "Ansible en versiones anteriores a la 2.3.1.0 y 2.4.0.0 no marca correctamente los resultados del plugin lookup como no seguros. Si un atacante pudiese controlar los resultados de las llamadas lookup(), podrían inyectar cadenas Unicode para que sean analizadas por el sistema de plantillas jinja2, resultando en una ejecución de código. Por defecto, el lenguaje de plantillas jinja2 se marca ahora como \"no seguro\" y no se evalúa.", }, ], id: "CVE-2017-7481", lastModified: "2024-11-21T03:31:59.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-19T13:29:00.340", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98492", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98492", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4072-1/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-25 18:29
Modified
2024-11-21 03:53
Severity ?
Summary
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:rsyslog:rsyslog:*:*:*:*:*:*:*:*", matchCriteriaId: "09D6181E-8ED9-43C4-9393-FE7780EC919C", versionEndExcluding: "8.27.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*", matchCriteriaId: "566507B6-AC95-47F7-A3FB-C6F414E45F51", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", matchCriteriaId: "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*", matchCriteriaId: "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", matchCriteriaId: "37CE1DC7-72C5-483C-8921-0B462C8284D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BB28F9AF-3D06-4532-B397-96D7E4792503", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.", }, { lang: "es", value: "Se ha detectado una vulnerabilidad de denegación de servicio (DoS) en rsyslog en el módulo imptcp. Un atacante podría enviar un mensaje especialmente manipulado al socket imptcp, lo que conduciría al cierre forzado de rsyslog. Las versiones anteriores a la 8.27.0 son vulnerables.", }, ], id: "CVE-2018-16881", lastModified: "2024-11-21T03:53:31.293", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-25T18:29:00.257", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:2501", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2110", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2437", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2439", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Mitigation", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:2501", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2110", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2437", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2439", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mitigation", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2018-1059 (GCVE-0-2018-1059)
Vulnerability from cvelistv5
Published
2018-04-24 18:00
Modified
2024-09-17 00:46
Severity ?
EPSS score ?
Summary
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2018:2524 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2102 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/cve-2018-1059 | x_refsource_MISC | |
| https://usn.ubuntu.com/3642-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2018:2038 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/3642-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2018:1267 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1544298 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Red Hat, Inc. | DPDK |
Version: before 18.02.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:44:11.812Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:2524", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2524", }, { name: "RHSA-2018:2102", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2102", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2018-1059", }, { name: "USN-3642-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3642-2/", }, { name: "RHSA-2018:2038", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2038", }, { name: "USN-3642-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3642-1/", }, { name: "RHSA-2018:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1267", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1544298", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "DPDK", vendor: "Red Hat, Inc.", versions: [ { status: "affected", version: "before 18.02.1", }, ], }, ], datePublic: "2018-04-23T00:00:00", descriptions: [ { lang: "en", value: "The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-08-21T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2018:2524", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2524", }, { name: "RHSA-2018:2102", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2102", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/cve-2018-1059", }, { name: "USN-3642-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3642-2/", }, { name: "RHSA-2018:2038", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2038", }, { name: "USN-3642-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3642-1/", }, { name: "RHSA-2018:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1267", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1544298", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", DATE_PUBLIC: "2018-04-23T00:00:00", ID: "CVE-2018-1059", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "DPDK", version: { version_data: [ { version_value: "before 18.02.1", }, ], }, }, ], }, vendor_name: "Red Hat, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:2524", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2524", }, { name: "RHSA-2018:2102", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2102", }, { name: "https://access.redhat.com/security/cve/cve-2018-1059", refsource: "MISC", url: "https://access.redhat.com/security/cve/cve-2018-1059", }, { name: "USN-3642-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3642-2/", }, { name: "RHSA-2018:2038", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2038", }, { name: "USN-3642-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3642-1/", }, { name: "RHSA-2018:1267", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1267", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1544298", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1544298", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-1059", datePublished: "2018-04-24T18:00:00Z", dateReserved: "2017-12-04T00:00:00", dateUpdated: "2024-09-17T00:46:47.514Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-3639 (GCVE-0-2018-3639)
Vulnerability from cvelistv5
Published
2018-05-22 12:00
Modified
2024-09-16 22:55
Severity ?
EPSS score ?
Summary
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Multiple |
Version: Multiple |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:50:30.281Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:1689", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1689", }, { name: "RHSA-2018:2162", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2162", }, { name: "RHSA-2018:1641", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1641", }, { name: "USN-3680-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3680-1/", }, { name: "RHSA-2018:1997", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1997", }, { name: "RHSA-2018:1665", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1665", }, { name: "RHSA-2018:3407", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3407", }, { name: "RHSA-2018:2164", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2164", }, { name: "RHSA-2018:2001", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2001", }, { name: "RHSA-2018:3423", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3423", }, { name: "RHSA-2018:2003", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2003", }, { name: "USN-3654-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3654-1/", }, { name: "RHSA-2018:1645", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1645", }, { name: "RHSA-2018:1643", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1643", }, { name: "RHSA-2018:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1652", }, { name: "RHSA-2018:3424", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3424", }, { name: "RHSA-2018:3402", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3402", }, { name: "TA18-141A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "https://www.us-cert.gov/ncas/alerts/TA18-141A", }, { name: "RHSA-2018:1656", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1656", }, { name: "RHSA-2018:1664", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1664", }, { name: "RHSA-2018:2258", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2258", }, { name: "RHSA-2018:1688", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1688", }, { name: "RHSA-2018:1658", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1658", }, { name: "RHSA-2018:1657", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1657", }, { name: "RHSA-2018:2289", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2289", }, { name: "RHSA-2018:1666", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1666", }, { name: "1042004", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1042004", }, { name: "RHSA-2018:1675", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1675", }, { name: "RHSA-2018:1660", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1660", }, { name: "RHSA-2018:1965", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1965", }, { name: "RHSA-2018:1661", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1661", }, { name: "RHSA-2018:1633", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1633", }, { name: "RHSA-2018:1636", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1636", }, { name: "RHSA-2018:1854", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1854", }, { name: "RHSA-2018:2006", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2006", }, { name: "RHSA-2018:2250", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2250", }, { name: "1040949", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040949", }, { name: "RHSA-2018:3401", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3401", }, { name: "RHSA-2018:1737", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1737", }, { name: "RHSA-2018:1826", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1826", }, { name: "USN-3651-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3651-1/", }, { name: "DSA-4210", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4210", }, { name: "44695", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/44695/", }, { name: "RHSA-2018:1651", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1651", }, { name: "RHSA-2018:1638", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1638", }, { name: "RHSA-2018:1696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1696", }, { name: "RHSA-2018:2246", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2246", }, { name: "RHSA-2018:1644", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1644", }, { name: "RHSA-2018:1646", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1646", }, { name: "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { name: "RHSA-2018:1639", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1639", }, { name: "RHSA-2018:1668", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1668", }, { name: "RHSA-2018:1637", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1637", }, { name: "RHSA-2018:2948", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { name: "VU#180049", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/180049", }, { name: "RHSA-2018:1686", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1686", }, { name: "RHSA-2018:2172", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2172", }, { name: "RHSA-2018:1663", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1663", }, { name: "USN-3652-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3652-1/", }, { name: "RHSA-2018:1629", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1629", }, { name: "RHSA-2018:1655", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1655", }, { name: "RHSA-2018:1640", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1640", }, { name: "RHSA-2018:1669", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1669", }, { name: "RHSA-2018:1676", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1676", }, { name: "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel", }, { name: "RHSA-2018:3425", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3425", }, { name: "RHSA-2018:2363", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2363", }, { name: "RHSA-2018:1632", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1632", }, { name: "RHSA-2018:1650", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1650", }, { name: "RHSA-2018:2396", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2396", }, { name: "RHSA-2018:2364", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2364", }, { name: "USN-3653-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3653-2/", }, { name: "RHSA-2018:2216", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2216", }, { name: "USN-3655-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3655-1/", }, { name: "RHSA-2018:1649", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1649", }, { name: "RHSA-2018:2309", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2309", }, { name: "104232", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/104232", }, { name: "RHSA-2018:1653", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1653", }, { name: "RHSA-2018:2171", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2171", }, { name: "RHSA-2018:1635", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1635", }, { name: "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html", }, { name: "RHSA-2018:2394", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2394", }, { name: "RHSA-2018:1710", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1710", }, { name: "RHSA-2018:1659", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1659", }, { name: "RHSA-2018:1711", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1711", }, { name: "DSA-4273", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4273", }, { name: "RHSA-2018:1738", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1738", }, { name: "RHSA-2018:1674", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1674", }, { name: "RHSA-2018:3396", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3396", }, { name: "RHSA-2018:1667", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1667", }, { name: "USN-3654-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3654-2/", }, { name: "RHSA-2018:1662", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1662", }, { name: "RHSA-2018:1630", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1630", }, { name: "RHSA-2018:1647", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1647", }, { name: "RHSA-2018:1967", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1967", }, { name: "USN-3655-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3655-2/", }, { name: "RHSA-2018:3399", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3399", }, { name: "RHSA-2018:2060", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2060", }, { name: "RHSA-2018:1690", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1690", }, { name: "USN-3653-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3653-1/", }, { name: "RHSA-2018:2161", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2161", }, { name: "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html", }, { name: "RHSA-2018:2328", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2328", }, { name: "RHSA-2018:1648", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1648", }, { name: "RHSA-2018:2387", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2387", }, { name: "RHSA-2019:0148", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0148", }, { name: "RHSA-2018:1654", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1654", }, { name: "USN-3679-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3679-1/", }, { name: "USN-3777-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3777-3/", }, { name: "RHSA-2018:1642", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1642", }, { name: "RHSA-2018:3397", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3397", }, { name: "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { name: "USN-3756-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3756-1/", }, { name: "RHSA-2018:3398", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3398", }, { name: "RHSA-2018:3400", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3400", }, { name: "RHSA-2018:2228", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2228", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "RHSA-2019:1046", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1046", }, { name: "openSUSE-SU-2019:1439", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html", }, { name: "openSUSE-SU-2019:1438", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html", }, { name: "20190624 [SECURITY] [DSA 4469-1] libvirt security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Jun/36", }, { name: "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/1", }, { name: "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/2", }, { name: "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/5", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.lenovo.com/us/en/solutions/LEN-22133", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX235225", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.synology.com/support/security/Synology_SA_18_23", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xenbits.xen.org/xsa/advisory-263.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20180521-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html", }, { name: "openSUSE-SU-2020:1325", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Multiple", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple", }, ], }, ], datePublic: "2018-05-21T00:00:00", descriptions: [ { lang: "en", value: "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-02T20:06:27", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { name: "RHSA-2018:1689", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1689", }, { name: "RHSA-2018:2162", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2162", }, { name: "RHSA-2018:1641", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1641", }, { name: "USN-3680-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3680-1/", }, { name: "RHSA-2018:1997", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1997", }, { name: "RHSA-2018:1665", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1665", }, { name: "RHSA-2018:3407", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3407", }, { name: "RHSA-2018:2164", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2164", }, { name: "RHSA-2018:2001", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2001", }, { name: "RHSA-2018:3423", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3423", }, { name: "RHSA-2018:2003", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2003", }, { name: "USN-3654-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3654-1/", }, { name: "RHSA-2018:1645", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1645", }, { name: "RHSA-2018:1643", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1643", }, { name: "RHSA-2018:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1652", }, { name: "RHSA-2018:3424", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3424", }, { name: "RHSA-2018:3402", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3402", }, { name: "TA18-141A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "https://www.us-cert.gov/ncas/alerts/TA18-141A", }, { name: "RHSA-2018:1656", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1656", }, { name: "RHSA-2018:1664", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1664", }, { name: "RHSA-2018:2258", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2258", }, { name: "RHSA-2018:1688", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1688", }, { name: "RHSA-2018:1658", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1658", }, { name: "RHSA-2018:1657", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1657", }, { name: "RHSA-2018:2289", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2289", }, { name: "RHSA-2018:1666", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1666", }, { name: "1042004", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1042004", }, { name: "RHSA-2018:1675", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1675", }, { name: "RHSA-2018:1660", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1660", }, { name: "RHSA-2018:1965", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1965", }, { name: "RHSA-2018:1661", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1661", }, { name: "RHSA-2018:1633", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1633", }, { name: "RHSA-2018:1636", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1636", }, { name: "RHSA-2018:1854", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1854", }, { name: "RHSA-2018:2006", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2006", }, { name: "RHSA-2018:2250", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2250", }, { name: "1040949", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040949", }, { name: "RHSA-2018:3401", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3401", }, { name: "RHSA-2018:1737", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1737", }, { name: "RHSA-2018:1826", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1826", }, { name: "USN-3651-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3651-1/", }, { name: "DSA-4210", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4210", }, { name: "44695", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/44695/", }, { name: "RHSA-2018:1651", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1651", }, { name: "RHSA-2018:1638", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1638", }, { name: "RHSA-2018:1696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1696", }, { name: "RHSA-2018:2246", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2246", }, { name: "RHSA-2018:1644", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1644", }, { name: "RHSA-2018:1646", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1646", }, { name: "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { name: "RHSA-2018:1639", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1639", }, { name: "RHSA-2018:1668", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1668", }, { name: "RHSA-2018:1637", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1637", }, { name: "RHSA-2018:2948", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { name: "VU#180049", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/180049", }, { name: "RHSA-2018:1686", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1686", }, { name: "RHSA-2018:2172", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2172", }, { name: "RHSA-2018:1663", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1663", }, { name: "USN-3652-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3652-1/", }, { name: "RHSA-2018:1629", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1629", }, { name: "RHSA-2018:1655", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1655", }, { name: "RHSA-2018:1640", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1640", }, { name: "RHSA-2018:1669", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1669", }, { name: "RHSA-2018:1676", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1676", }, { name: "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel", }, { name: "RHSA-2018:3425", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3425", }, { name: "RHSA-2018:2363", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2363", }, { name: "RHSA-2018:1632", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1632", }, { name: "RHSA-2018:1650", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1650", }, { name: "RHSA-2018:2396", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2396", }, { name: "RHSA-2018:2364", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2364", }, { name: "USN-3653-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3653-2/", }, { name: "RHSA-2018:2216", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2216", }, { name: "USN-3655-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3655-1/", }, { name: "RHSA-2018:1649", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1649", }, { name: "RHSA-2018:2309", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2309", }, { name: "104232", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/104232", }, { name: "RHSA-2018:1653", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1653", }, { name: "RHSA-2018:2171", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2171", }, { name: "RHSA-2018:1635", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1635", }, { name: "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html", }, { name: "RHSA-2018:2394", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2394", }, { name: "RHSA-2018:1710", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1710", }, { name: "RHSA-2018:1659", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1659", }, { name: "RHSA-2018:1711", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1711", }, { name: "DSA-4273", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4273", }, { name: "RHSA-2018:1738", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1738", }, { name: "RHSA-2018:1674", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1674", }, { name: "RHSA-2018:3396", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3396", }, { name: "RHSA-2018:1667", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1667", }, { name: "USN-3654-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3654-2/", }, { name: "RHSA-2018:1662", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1662", }, { name: "RHSA-2018:1630", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1630", }, { name: "RHSA-2018:1647", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1647", }, { name: "RHSA-2018:1967", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1967", }, { name: "USN-3655-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3655-2/", }, { name: "RHSA-2018:3399", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3399", }, { name: "RHSA-2018:2060", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2060", }, { name: "RHSA-2018:1690", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1690", }, { name: "USN-3653-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3653-1/", }, { name: "RHSA-2018:2161", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2161", }, { name: "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html", }, { name: "RHSA-2018:2328", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2328", }, { name: "RHSA-2018:1648", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1648", }, { name: "RHSA-2018:2387", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2387", }, { name: "RHSA-2019:0148", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0148", }, { name: "RHSA-2018:1654", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1654", }, { name: "USN-3679-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3679-1/", }, { name: "USN-3777-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3777-3/", }, { name: "RHSA-2018:1642", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1642", }, { name: "RHSA-2018:3397", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3397", }, { name: "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { name: "USN-3756-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3756-1/", }, { name: "RHSA-2018:3398", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3398", }, { name: "RHSA-2018:3400", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3400", }, { name: "RHSA-2018:2228", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2228", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "RHSA-2019:1046", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1046", }, { name: "openSUSE-SU-2019:1439", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html", }, { name: "openSUSE-SU-2019:1438", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html", }, { name: "20190624 [SECURITY] [DSA 4469-1] libvirt security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Jun/36", }, { name: "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/1", }, { name: "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/2", }, { name: "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/06/10/5", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.lenovo.com/us/en/solutions/LEN-22133", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX235225", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.synology.com/support/security/Synology_SA_18_23", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xenbits.xen.org/xsa/advisory-263.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20180521-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html", }, { name: "openSUSE-SU-2020:1325", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2018-05-21T00:00:00", ID: "CVE-2018-3639", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Multiple", version: { version_data: [ { version_value: "Multiple", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:1689", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1689", }, { name: "RHSA-2018:2162", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2162", }, { name: "RHSA-2018:1641", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1641", }, { name: "USN-3680-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3680-1/", }, { name: "RHSA-2018:1997", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1997", }, { name: "RHSA-2018:1665", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1665", }, { name: "RHSA-2018:3407", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3407", }, { name: "RHSA-2018:2164", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2164", }, { name: "RHSA-2018:2001", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2001", }, { name: "RHSA-2018:3423", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3423", }, { name: "RHSA-2018:2003", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2003", }, { name: "USN-3654-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3654-1/", }, { name: "RHSA-2018:1645", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1645", }, { name: "RHSA-2018:1643", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1643", }, { name: "RHSA-2018:1652", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1652", }, { name: "RHSA-2018:3424", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3424", }, { name: "RHSA-2018:3402", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3402", }, { name: "TA18-141A", refsource: "CERT", url: "https://www.us-cert.gov/ncas/alerts/TA18-141A", }, { name: "RHSA-2018:1656", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1656", }, { name: "RHSA-2018:1664", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1664", }, { name: "RHSA-2018:2258", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2258", }, { name: "RHSA-2018:1688", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1688", }, { name: "RHSA-2018:1658", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1658", }, { name: "RHSA-2018:1657", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1657", }, { name: "RHSA-2018:2289", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2289", }, { name: "RHSA-2018:1666", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1666", }, { name: "1042004", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1042004", }, { name: "RHSA-2018:1675", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1675", }, { name: "RHSA-2018:1660", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1660", }, { name: "RHSA-2018:1965", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1965", }, { name: "RHSA-2018:1661", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1661", }, { name: "RHSA-2018:1633", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1633", }, { name: "RHSA-2018:1636", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1636", }, { name: "RHSA-2018:1854", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1854", }, { name: "RHSA-2018:2006", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2006", }, { name: "RHSA-2018:2250", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2250", }, { name: "1040949", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040949", }, { name: "RHSA-2018:3401", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3401", }, { name: "RHSA-2018:1737", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1737", }, { name: "RHSA-2018:1826", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1826", }, { name: "USN-3651-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3651-1/", }, { name: "DSA-4210", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4210", }, { name: "44695", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/44695/", }, { name: "RHSA-2018:1651", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1651", }, { name: "RHSA-2018:1638", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1638", }, { name: "RHSA-2018:1696", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1696", }, { name: "RHSA-2018:2246", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2246", }, { name: "RHSA-2018:1644", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1644", }, { name: "RHSA-2018:1646", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1646", }, { name: "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { name: "RHSA-2018:1639", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1639", }, { name: "RHSA-2018:1668", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1668", }, { name: "RHSA-2018:1637", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1637", }, { name: "RHSA-2018:2948", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { name: "VU#180049", refsource: "CERT-VN", url: "https://www.kb.cert.org/vuls/id/180049", }, { name: "RHSA-2018:1686", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1686", }, { name: "RHSA-2018:2172", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2172", }, { name: "RHSA-2018:1663", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1663", }, { name: "USN-3652-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3652-1/", }, { name: "RHSA-2018:1629", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1629", }, { name: "RHSA-2018:1655", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1655", }, { name: "RHSA-2018:1640", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1640", }, { name: "RHSA-2018:1669", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1669", }, { name: "RHSA-2018:1676", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1676", }, { name: "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel", }, { name: "RHSA-2018:3425", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3425", }, { name: "RHSA-2018:2363", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2363", }, { name: "RHSA-2018:1632", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1632", }, { name: "RHSA-2018:1650", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1650", }, { name: "RHSA-2018:2396", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2396", }, { name: "RHSA-2018:2364", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2364", }, { name: "USN-3653-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3653-2/", }, { name: "RHSA-2018:2216", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2216", }, { name: "USN-3655-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3655-1/", }, { name: "RHSA-2018:1649", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1649", }, { name: "RHSA-2018:2309", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2309", }, { name: "104232", refsource: "BID", url: "http://www.securityfocus.com/bid/104232", }, { name: "RHSA-2018:1653", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1653", }, { name: "RHSA-2018:2171", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2171", }, { name: "RHSA-2018:1635", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1635", }, { name: "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html", }, { name: "RHSA-2018:2394", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2394", }, { name: "RHSA-2018:1710", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1710", }, { name: "RHSA-2018:1659", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1659", }, { name: "RHSA-2018:1711", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1711", }, { name: "DSA-4273", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4273", }, { name: "RHSA-2018:1738", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1738", }, { name: "RHSA-2018:1674", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1674", }, { name: "RHSA-2018:3396", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3396", }, { name: "RHSA-2018:1667", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1667", }, { name: "USN-3654-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3654-2/", }, { name: "RHSA-2018:1662", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1662", }, { name: "RHSA-2018:1630", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1630", }, { name: "RHSA-2018:1647", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1647", }, { name: "RHSA-2018:1967", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1967", }, { name: "USN-3655-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3655-2/", }, { name: "RHSA-2018:3399", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3399", }, { name: "RHSA-2018:2060", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2060", }, { name: "RHSA-2018:1690", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1690", }, { name: "USN-3653-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3653-1/", }, { name: "RHSA-2018:2161", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2161", }, { name: "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html", }, { name: "RHSA-2018:2328", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2328", }, { name: "RHSA-2018:1648", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1648", }, { name: "RHSA-2018:2387", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2387", }, { name: "RHSA-2019:0148", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0148", }, { name: "RHSA-2018:1654", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1654", }, { name: "USN-3679-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3679-1/", }, { name: "USN-3777-3", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3777-3/", }, { name: "RHSA-2018:1642", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1642", }, { name: "RHSA-2018:3397", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3397", }, { name: "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { name: "USN-3756-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3756-1/", }, { name: "RHSA-2018:3398", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3398", }, { name: "RHSA-2018:3400", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3400", }, { name: "RHSA-2018:2228", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2228", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "RHSA-2019:1046", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1046", }, { name: "openSUSE-SU-2019:1439", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html", }, { name: "openSUSE-SU-2019:1438", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html", }, { name: "20190624 [SECURITY] [DSA 4469-1] libvirt security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Jun/36", }, { name: "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/06/10/1", }, { name: "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/06/10/2", }, { name: "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/06/10/5", }, { name: "https://www.oracle.com/security-alerts/cpujul2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", refsource: "CONFIRM", url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { name: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", refsource: "CONFIRM", url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf", }, { name: "http://support.lenovo.com/us/en/solutions/LEN-22133", refsource: "CONFIRM", url: "http://support.lenovo.com/us/en/solutions/LEN-22133", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004", }, { name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012", refsource: "CONFIRM", url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012", }, { name: "https://support.citrix.com/article/CTX235225", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX235225", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html", }, { name: "https://www.synology.com/support/security/Synology_SA_18_23", refsource: "CONFIRM", url: "https://www.synology.com/support/security/Synology_SA_18_23", }, { name: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", refsource: "CONFIRM", url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { name: "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html", refsource: "CONFIRM", url: "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html", }, { name: "http://xenbits.xen.org/xsa/advisory-263.html", refsource: "CONFIRM", url: "http://xenbits.xen.org/xsa/advisory-263.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { name: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006", refsource: "CONFIRM", url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us", }, { name: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", refsource: "MISC", url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", }, { name: "https://security.netapp.com/advisory/ntap-20180521-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20180521-0001/", }, { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", }, { name: "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html", refsource: "CONFIRM", url: "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html", }, { name: "openSUSE-SU-2020:1325", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-3639", datePublished: "2018-05-22T12:00:00Z", dateReserved: "2017-12-28T00:00:00", dateUpdated: "2024-09-16T22:55:27.557Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-11135 (GCVE-0-2019-11135)
Vulnerability from cvelistv5
Published
2019-11-14 18:19
Modified
2024-08-04 22:48
Severity ?
EPSS score ?
Summary
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | 2019.2 IPU – TSX Asynchronous Abort |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:09.004Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20191118 [slackware-security] Slackware 14.2 kernel (SSA:2019-320-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Nov/26", }, { name: "openSUSE-SU-2019:2527", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html", }, { name: "openSUSE-SU-2019:2528", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html", }, { name: "FEDORA-2019-376ec5c107", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/", }, { name: "RHSA-2019:3936", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3936", }, { name: "USN-4186-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4186-2/", }, { name: "FEDORA-2019-cbb732f760", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/", }, { name: "[oss-security] 20191210 CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/12/10/3", }, { name: "[oss-security] 20191210 Re: CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/12/10/4", }, { name: "[oss-security] 20191211 Re: CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/12/11/1", }, { name: "20191216 [SECURITY] [DSA 4565-2] intel-microcode security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Dec/28", }, { name: "[debian-lts-announce] 20191230 [SECURITY] [DLA 2051-1] intel-microcode security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html", }, { name: "openSUSE-SU-2019:2710", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html", }, { name: "RHSA-2020:0026", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0026", }, { name: "RHSA-2020:0028", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0028", }, { name: "DSA-4602", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4602", }, { name: "20200114 [SECURITY] [DSA 4602-1] xen security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2020/Jan/21", }, { name: "RHSA-2020:0204", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { name: "RHSA-2020:0279", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0279", }, { name: "RHSA-2020:0366", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0366", }, { name: "RHSA-2020:0555", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0555", }, { name: "RHSA-2020:0666", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0666", }, { name: "RHSA-2020:0730", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0730", }, { name: "GLSA-202003-56", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-56", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K02912734?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10306", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "2019.2 IPU – TSX Asynchronous Abort", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-20T14:42:00", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { name: "20191118 [slackware-security] Slackware 14.2 kernel (SSA:2019-320-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Nov/26", }, { name: "openSUSE-SU-2019:2527", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html", }, { name: "openSUSE-SU-2019:2528", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html", }, { name: "FEDORA-2019-376ec5c107", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/", }, { name: "RHSA-2019:3936", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3936", }, { name: "USN-4186-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4186-2/", }, { name: "FEDORA-2019-cbb732f760", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/", }, { name: "[oss-security] 20191210 CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/12/10/3", }, { name: "[oss-security] 20191210 Re: CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/12/10/4", }, { name: "[oss-security] 20191211 Re: CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/12/11/1", }, { name: "20191216 [SECURITY] [DSA 4565-2] intel-microcode security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Dec/28", }, { name: "[debian-lts-announce] 20191230 [SECURITY] [DLA 2051-1] intel-microcode security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html", }, { name: "openSUSE-SU-2019:2710", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html", }, { name: "RHSA-2020:0026", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0026", }, { name: "RHSA-2020:0028", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0028", }, { name: "DSA-4602", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4602", }, { name: "20200114 [SECURITY] [DSA 4602-1] xen security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2020/Jan/21", }, { name: "RHSA-2020:0204", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { name: "RHSA-2020:0279", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0279", }, { name: "RHSA-2020:0366", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0366", }, { name: "RHSA-2020:0555", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0555", }, { name: "RHSA-2020:0666", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0666", }, { name: "RHSA-2020:0730", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0730", }, { name: "GLSA-202003-56", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-56", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K02912734?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10306", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11135", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "2019.2 IPU – TSX Asynchronous Abort", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "20191118 [slackware-security] Slackware 14.2 kernel (SSA:2019-320-01)", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Nov/26", }, { name: "openSUSE-SU-2019:2527", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html", }, { name: "openSUSE-SU-2019:2528", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html", }, { name: "FEDORA-2019-376ec5c107", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/", }, { name: "RHSA-2019:3936", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3936", }, { name: "USN-4186-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4186-2/", }, { name: "FEDORA-2019-cbb732f760", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/", }, { name: "[oss-security] 20191210 CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/12/10/3", }, { name: "[oss-security] 20191210 Re: CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/12/10/4", }, { name: "[oss-security] 20191211 Re: CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/12/11/1", }, { name: "20191216 [SECURITY] [DSA 4565-2] intel-microcode security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Dec/28", }, { name: "[debian-lts-announce] 20191230 [SECURITY] [DLA 2051-1] intel-microcode security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html", }, { name: "openSUSE-SU-2019:2710", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html", }, { name: "RHSA-2020:0026", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0026", }, { name: "RHSA-2020:0028", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0028", }, { name: "DSA-4602", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4602", }, { name: "20200114 [SECURITY] [DSA 4602-1] xen security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2020/Jan/21", }, { name: "RHSA-2020:0204", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { name: "RHSA-2020:0279", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0279", }, { name: "RHSA-2020:0366", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0366", }, { name: "RHSA-2020:0555", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0555", }, { name: "RHSA-2020:0666", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0666", }, { name: "RHSA-2020:0730", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0730", }, { name: "GLSA-202003-56", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-56", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html", }, { name: "https://support.f5.com/csp/article/K02912734?utm_source=f5support&utm_medium=RSS", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K02912734?utm_source=f5support&utm_medium=RSS", }, { name: "http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10306", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10306", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11135", datePublished: "2019-11-14T18:19:25", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:48:09.004Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-10194 (GCVE-0-2019-10194)
Vulnerability from cvelistv5
Published
2019-07-11 18:33
Modified
2024-08-04 22:17
Severity ?
EPSS score ?
Summary
Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/109140 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2019:2499 | vendor-advisory, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Red Hat | ovirt-engine-metrics |
Version: all versions |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:17:18.907Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194", }, { name: "109140", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/109140", }, { name: "RHSA-2019:2499", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2499", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ovirt-engine-metrics", vendor: "Red Hat", versions: [ { status: "affected", version: "all versions", }, ], }, ], descriptions: [ { lang: "en", value: "Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "CWE-532", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T15:06:15", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194", }, { name: "109140", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/109140", }, { name: "RHSA-2019:2499", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2499", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-10194", datePublished: "2019-07-11T18:33:06", dateReserved: "2019-03-27T00:00:00", dateUpdated: "2024-08-04T22:17:18.907Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-8331 (GCVE-0-2019-8331)
Vulnerability from cvelistv5
Published
2019-02-20 16:00
Modified
2024-08-04 21:17
Severity ?
EPSS score ?
Summary
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T21:17:31.342Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "107375", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107375", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "RHSA-2019:1456", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "[flink-user] 20190811 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E", }, { name: "[flink-dev] 20190811 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Re: Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E", }, { name: "[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E", }, { name: "RHSA-2019:3023", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { name: "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E", }, { name: "[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/twbs/bootstrap/pull/28236", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K24383845", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-02-20T00:00:00", descriptions: [ { lang: "en", value: "In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:06:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "107375", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107375", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "RHSA-2019:1456", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "[flink-user] 20190811 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E", }, { name: "[flink-dev] 20190811 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Re: Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E", }, { name: "[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E", }, { name: "RHSA-2019:3023", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { name: "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E", }, { name: "[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/twbs/bootstrap/pull/28236", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K24383845", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-8331", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "107375", refsource: "BID", url: "http://www.securityfocus.com/bid/107375", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/May/18", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "RHSA-2019:1456", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "[flink-user] 20190811 Apache flink 1.7.2 security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E", }, { name: "[flink-dev] 20190811 Apache flink 1.7.2 security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Apache flink 1.7.2 security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Re: Apache flink 1.7.2 security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E", }, { name: "[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1", refsource: "MLIST", url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E", }, { name: "RHSA-2019:3023", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", refsource: "MLIST", url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", refsource: "MLIST", url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", refsource: "MLIST", url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", }, { name: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { name: "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E", }, { name: "[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://github.com/twbs/bootstrap/pull/28236", refsource: "MISC", url: "https://github.com/twbs/bootstrap/pull/28236", }, { name: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", refsource: "MISC", url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { name: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", refsource: "CONFIRM", url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { name: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", refsource: "MISC", url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { name: "https://support.f5.com/csp/article/K24383845", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K24383845", }, { name: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&utm_medium=RSS", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&utm_medium=RSS", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-8331", datePublished: "2019-02-20T16:00:00", dateReserved: "2019-02-13T00:00:00", dateUpdated: "2024-08-04T21:17:31.342Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-3620 (GCVE-0-2021-3620)
Vulnerability from cvelistv5
Published
2022-03-03 18:23
Modified
2025-02-13 16:28
Severity ?
EPSS score ?
Summary
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:01:07.670Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975767", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-3620", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T17:09:25.955830Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T17:13:51.591Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "ansible", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in Ansible Engine v2.9.27", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-209", description: "CWE-209 - Generation of Error Message Containing Sensitive Information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T19:06:30.310Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975767", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0", }, { url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3620", datePublished: "2022-03-03T18:23:38.000Z", dateReserved: "2021-06-24T00:00:00.000Z", dateUpdated: "2025-02-13T16:28:25.255Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-11358 (GCVE-0-2019-11358)
Vulnerability from cvelistv5
Published
2019-04-19 00:00
Modified
2024-11-15 15:11
Severity ?
EPSS score ?
Summary
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:09.199Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.drupal.org/sa-core-2019-006", }, { tags: [ "x_transferred", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_19", }, { name: "DSA-4434", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4434", }, { name: "20190421 [SECURITY] [DSA 4434-1] drupal7 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/32", }, { name: "108023", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/108023", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", }, { name: "[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", }, { name: "FEDORA-2019-eba8e44ee6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", }, { name: "FEDORA-2019-1a3edd7e8a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", }, { name: "FEDORA-2019-7eaf0bbe7c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", }, { name: "FEDORA-2019-2a0ce0c58c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", }, { name: "FEDORA-2019-a06dffab1c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", }, { name: "FEDORA-2019-f563e66380", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", }, { name: "[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/06/03/2", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", }, { name: "RHSA-2019:1456", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "DSA-4460", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4460", }, { name: "20190612 [SECURITY] [DSA 4460-1] mediawiki security update", tags: [ "mailing-list", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Jun/12", }, { name: "openSUSE-SU-2019:1839", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", }, { name: "RHBA-2019:1570", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2019:1570", }, { name: "openSUSE-SU-2019:1872", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", }, { name: "[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", }, { name: "RHSA-2019:2587", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2587", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190919-0001/", }, { name: "RHSA-2019:3023", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { name: "[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2019-08", }, { name: "[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", }, { name: "[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2020-02", }, { name: "[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", }, { name: "[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", }, { name: "[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { tags: [ "x_transferred", ], url: "https://backdropcms.org/security/backdrop-sa-core-2019-009", }, { tags: [ "x_transferred", ], url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { tags: [ "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", }, { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery/pull/4333", }, { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", }, { tags: [ "x_transferred", ], url: "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", }, { name: "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-11358", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-20T15:03:16.892088Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T15:11:23.024Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-31T02:06:52.187292", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.drupal.org/sa-core-2019-006", }, { url: "https://www.synology.com/security/advisory/Synology_SA_19_19", }, { name: "DSA-4434", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2019/dsa-4434", }, { name: "20190421 [SECURITY] [DSA 4434-1] drupal7 security update", tags: [ "mailing-list", ], url: "https://seclists.org/bugtraq/2019/Apr/32", }, { name: "108023", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/108023", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", }, { name: "[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", }, { name: "FEDORA-2019-eba8e44ee6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", }, { name: "FEDORA-2019-1a3edd7e8a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", }, { name: "FEDORA-2019-7eaf0bbe7c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", }, { name: "FEDORA-2019-2a0ce0c58c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", }, { name: "FEDORA-2019-a06dffab1c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", }, { name: "FEDORA-2019-f563e66380", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { url: "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", }, { name: "[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2019/06/03/2", }, { url: "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", }, { name: "RHSA-2019:1456", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "DSA-4460", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2019/dsa-4460", }, { name: "20190612 [SECURITY] [DSA 4460-1] mediawiki security update", tags: [ "mailing-list", ], url: "https://seclists.org/bugtraq/2019/Jun/12", }, { name: "openSUSE-SU-2019:1839", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", }, { name: "RHBA-2019:1570", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:1570", }, { name: "openSUSE-SU-2019:1872", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", }, { name: "[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", }, { name: "RHSA-2019:2587", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2587", }, { url: "https://security.netapp.com/advisory/ntap-20190919-0001/", }, { name: "RHSA-2019:3023", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { name: "[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", }, { url: "https://www.tenable.com/security/tns-2019-08", }, { name: "[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", }, { name: "[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", }, { url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { url: "https://www.tenable.com/security/tns-2020-02", }, { name: "[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", }, { name: "[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", }, { name: "[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", }, { url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", }, { url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { url: "https://backdropcms.org/security/backdrop-sa-core-2019-009", }, { url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { url: "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", }, { url: "https://github.com/jquery/jquery/pull/4333", }, { url: "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", }, { url: "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", }, { url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", }, { url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", }, { name: "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-11358", datePublished: "2019-04-19T00:00:00", dateReserved: "2019-04-19T00:00:00", dateUpdated: "2024-11-15T15:11:23.024Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-16881 (GCVE-0-2018-16881)
Vulnerability from cvelistv5
Published
2019-01-25 18:00
Modified
2024-08-05 10:32
Severity ?
EPSS score ?
Summary
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2019:2110 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2439 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2437 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHBA-2019:2501 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881 | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The rsyslog Project | rsyslog: |
Version: 8.27.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:54.189Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2019:2110", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2110", }, { name: "RHSA-2019:2439", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2439", }, { name: "RHSA-2019:2437", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2437", }, { name: "RHBA-2019:2501", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2019:2501", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881", }, { name: "[debian-lts-announce] 20220520 [SECURITY] [DLA 3016-1] rsyslog security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "rsyslog:", vendor: "The rsyslog Project", versions: [ { status: "affected", version: "8.27.0", }, ], }, ], datePublic: "2017-04-19T00:00:00", descriptions: [ { lang: "en", value: "A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-21T00:06:11", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2019:2110", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2110", }, { name: "RHSA-2019:2439", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2439", }, { name: "RHSA-2019:2437", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2437", }, { name: "RHBA-2019:2501", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHBA-2019:2501", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881", }, { name: "[debian-lts-announce] 20220520 [SECURITY] [DLA 3016-1] rsyslog security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-16881", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "rsyslog:", version: { version_data: [ { version_value: "8.27.0", }, ], }, }, ], }, vendor_name: "The rsyslog Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.", }, ], }, impact: { cvss: [ [ { vectorString: "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2019:2110", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2110", }, { name: "RHSA-2019:2439", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2439", }, { name: "RHSA-2019:2437", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2437", }, { name: "RHBA-2019:2501", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHBA-2019:2501", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881", }, { name: "[debian-lts-announce] 20220520 [SECURITY] [DLA 3016-1] rsyslog security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-16881", datePublished: "2019-01-25T18:00:00", dateReserved: "2018-09-11T00:00:00", dateUpdated: "2024-08-05T10:32:54.189Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-17963 (GCVE-0-2018-17963)
Vulnerability from cvelistv5
Published
2018-10-09 22:00
Modified
2024-08-05 11:01
Severity ?
EPSS score ?
Summary
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2018/10/08/1 | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2018/dsa-4338 | vendor-advisory, x_refsource_DEBIAN | |
| https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/3826-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html | mailing-list, x_refsource_MLIST | |
| https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html | x_refsource_MISC | |
| https://access.redhat.com/errata/RHSA-2019:2166 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2425 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2553 | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:01:14.685Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20181008 Qemu: integer overflow issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { name: "DSA-4338", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4338", }, { name: "[qemu-devel] 20180926 [PULL 24/25] net: ignore packet size greater than INT_MAX", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html", }, { name: "USN-3826-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3826-1/", }, { name: "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html", }, { name: "RHSA-2019:2166", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2166", }, { name: "RHSA-2019:2425", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { name: "RHSA-2019:2553", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2553", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-26T00:00:00", descriptions: [ { lang: "en", value: "qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-27T04:32:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20181008 Qemu: integer overflow issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { name: "DSA-4338", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4338", }, { name: "[qemu-devel] 20180926 [PULL 24/25] net: ignore packet size greater than INT_MAX", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html", }, { name: "USN-3826-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3826-1/", }, { name: "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html", }, { tags: [ "x_refsource_MISC", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html", }, { name: "RHSA-2019:2166", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2166", }, { name: "RHSA-2019:2425", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { name: "RHSA-2019:2553", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2553", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-17963", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20181008 Qemu: integer overflow issues", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { name: "DSA-4338", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4338", }, { name: "[qemu-devel] 20180926 [PULL 24/25] net: ignore packet size greater than INT_MAX", refsource: "MLIST", url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html", }, { name: "USN-3826-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3826-1/", }, { name: "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html", }, { name: "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html", refsource: "MISC", url: "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html", }, { name: "RHSA-2019:2166", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2166", }, { name: "RHSA-2019:2425", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { name: "RHSA-2019:2553", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2553", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-17963", datePublished: "2018-10-09T22:00:00", dateReserved: "2018-10-03T00:00:00", dateUpdated: "2024-08-05T11:01:14.685Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-9214 (GCVE-0-2017-9214)
Vulnerability from cvelistv5
Published
2017-05-23 17:00
Modified
2024-08-05 17:02
Severity ?
EPSS score ?
Summary
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2017:2698 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:2727 | vendor-advisory, x_refsource_REDHAT | |
| https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2017:2692 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:2553 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:2418 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:2648 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:2665 | vendor-advisory, x_refsource_REDHAT | |
| https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T17:02:43.682Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:2698", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2698", }, { name: "RHSA-2017:2727", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2727", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html", }, { name: "RHSA-2017:2692", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2692", }, { name: "RHSA-2017:2553", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2553", }, { name: "RHSA-2017:2418", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2418", }, { name: "RHSA-2017:2648", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2648", }, { name: "RHSA-2017:2665", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2665", }, { name: "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-05-23T00:00:00", descriptions: [ { lang: "en", value: "In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-20T00:06:12", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2017:2698", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2698", }, { name: "RHSA-2017:2727", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2727", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html", }, { name: "RHSA-2017:2692", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2692", }, { name: "RHSA-2017:2553", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2553", }, { name: "RHSA-2017:2418", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2418", }, { name: "RHSA-2017:2648", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2648", }, { name: "RHSA-2017:2665", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2665", }, { name: "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-9214", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:2698", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2698", }, { name: "RHSA-2017:2727", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2727", }, { name: "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html", refsource: "CONFIRM", url: "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html", }, { name: "RHSA-2017:2692", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2692", }, { name: "RHSA-2017:2553", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2553", }, { name: "RHSA-2017:2418", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2418", }, { name: "RHSA-2017:2648", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2648", }, { name: "RHSA-2017:2665", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2665", }, { name: "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-9214", datePublished: "2017-05-23T17:00:00", dateReserved: "2017-05-23T00:00:00", dateUpdated: "2024-08-05T17:02:43.682Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-10744 (GCVE-0-2019-10744)
Vulnerability from cvelistv5
Published
2019-07-25 23:43
Modified
2024-08-04 22:32
Severity ?
EPSS score ?
Summary
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2019:3024 | vendor-advisory, x_refsource_REDHAT | |
| https://www.oracle.com/security-alerts/cpuoct2020.html | x_refsource_MISC | |
| https://snyk.io/vuln/SNYK-JS-LODASH-450202 | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20191004-0005/ | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K47105354?utm_source=f5support&%3Butm_medium=RSS | x_refsource_CONFIRM | |
| https://www.oracle.com/security-alerts/cpujan2021.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:32:01.271Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2019:3024", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-450202", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191004-0005/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K47105354?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "lodash", vendor: "Snyk", versions: [ { status: "affected", version: "All versions prior to 4.17.12", }, ], }, ], descriptions: [ { lang: "en", value: "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", }, ], problemTypes: [ { descriptions: [ { description: "Prototype Pollution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-20T14:42:00", orgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", shortName: "snyk", }, references: [ { name: "RHSA-2019:3024", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://snyk.io/vuln/SNYK-JS-LODASH-450202", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20191004-0005/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K47105354?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "report@snyk.io", ID: "CVE-2019-10744", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "lodash", version: { version_data: [ { version_value: "All versions prior to 4.17.12", }, ], }, }, ], }, vendor_name: "Snyk", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Prototype Pollution", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2019:3024", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "https://snyk.io/vuln/SNYK-JS-LODASH-450202", refsource: "CONFIRM", url: "https://snyk.io/vuln/SNYK-JS-LODASH-450202", }, { name: "https://security.netapp.com/advisory/ntap-20191004-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20191004-0005/", }, { name: "https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", assignerShortName: "snyk", cveId: "CVE-2019-10744", datePublished: "2019-07-25T23:43:03", dateReserved: "2019-04-03T00:00:00", dateUpdated: "2024-08-04T22:32:01.271Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-7481 (GCVE-0-2017-7481)
Vulnerability from cvelistv5
Published
2018-07-19 13:00
Modified
2024-08-05 16:04
Severity ?
EPSS score ?
Summary
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2017:1599 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2017:1334 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/98492 | vdb-entry, x_refsource_BID | |
| https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2017:1244 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:1499 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:2524 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:1476 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/4072-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html | mailing-list, x_refsource_MLIST |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T16:04:11.540Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:1599", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { name: "RHSA-2017:1334", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { name: "98492", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98492", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { name: "RHSA-2017:1244", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { name: "RHSA-2017:1499", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { name: "RHSA-2017:2524", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { name: "RHSA-2017:1476", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ansible", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "ansible 2.3.1.0", }, { status: "affected", version: "ansible 2.4.0.0", }, ], }, ], datePublic: "2017-05-09T00:00:00", descriptions: [ { lang: "en", value: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-27T23:06:14", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2017:1599", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { name: "RHSA-2017:1334", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { name: "98492", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98492", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { name: "RHSA-2017:1244", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { name: "RHSA-2017:1499", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { name: "RHSA-2017:2524", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { name: "RHSA-2017:1476", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { name: "USN-4072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4072-1/", }, { name: "[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2017-7481", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ansible", version: { version_data: [ { version_value: "ansible 2.3.1.0", }, { version_value: "ansible 2.4.0.0", }, ], }, }, ], }, vendor_name: "[UNKNOWN]", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", }, ], }, impact: { cvss: [ [ { vectorString: "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:1599", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1599", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481", }, { name: "RHSA-2017:1334", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1334", }, { name: "98492", refsource: "BID", url: "http://www.securityfocus.com/bid/98492", }, { name: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", refsource: "CONFIRM", url: "https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2", }, { name: "RHSA-2017:1244", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1244", }, { name: "RHSA-2017:1499", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1499", }, { name: "RHSA-2017:2524", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:2524", }, { name: "RHSA-2017:1476", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1476", }, { name: "USN-4072-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4072-1/", }, { name: "[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2017-7481", datePublished: "2018-07-19T13:00:00", dateReserved: "2017-04-05T00:00:00", dateUpdated: "2024-08-05T16:04:11.540Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-17958 (GCVE-0-2018-17958)
Vulnerability from cvelistv5
Published
2018-10-09 22:00
Modified
2024-08-05 11:01
Severity ?
EPSS score ?
Summary
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2018/10/08/1 | mailing-list, x_refsource_MLIST | |
| https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/105556 | vdb-entry, x_refsource_BID | |
| https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/3826-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://www.debian.org/security/2019/dsa-4454 | vendor-advisory, x_refsource_DEBIAN | |
| https://seclists.org/bugtraq/2019/May/76 | mailing-list, x_refsource_BUGTRAQ | |
| https://access.redhat.com/errata/RHSA-2019:2425 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2553 | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:01:14.687Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20181008 Qemu: integer overflow issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { name: "[qemu-devel] 20180926 [PULL 22/25] rtl8139: fix possible out of bound access", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html", }, { name: "105556", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105556", }, { name: "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html", }, { name: "USN-3826-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3826-1/", }, { name: "DSA-4454", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4454", }, { name: "20190531 [SECURITY] [DSA 4454-1] qemu security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/May/76", }, { name: "RHSA-2019:2425", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { name: "RHSA-2019:2553", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2553", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-26T00:00:00", descriptions: [ { lang: "en", value: "Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-22T11:06:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20181008 Qemu: integer overflow issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { name: "[qemu-devel] 20180926 [PULL 22/25] rtl8139: fix possible out of bound access", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html", }, { name: "105556", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105556", }, { name: "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html", }, { name: "USN-3826-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3826-1/", }, { name: "DSA-4454", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4454", }, { name: "20190531 [SECURITY] [DSA 4454-1] qemu security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/May/76", }, { name: "RHSA-2019:2425", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { name: "RHSA-2019:2553", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2553", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-17958", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20181008 Qemu: integer overflow issues", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2018/10/08/1", }, { name: "[qemu-devel] 20180926 [PULL 22/25] rtl8139: fix possible out of bound access", refsource: "MLIST", url: "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html", }, { name: "105556", refsource: "BID", url: "http://www.securityfocus.com/bid/105556", }, { name: "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html", }, { name: "USN-3826-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3826-1/", }, { name: "DSA-4454", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4454", }, { name: "20190531 [SECURITY] [DSA 4454-1] qemu security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/May/76", }, { name: "RHSA-2019:2425", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2425", }, { name: "RHSA-2019:2553", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2553", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-17958", datePublished: "2018-10-09T22:00:00", dateReserved: "2018-10-03T00:00:00", dateUpdated: "2024-08-05T11:01:14.687Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }